This website does readability filtering of other pages. All styles, scripts, forms and ads are stripped. If you want your website excluded or have other feedback, use this form.

Secure applications of low-entropy keys | SpringerLink

International Workshop on Information Security

ISW 1997: Information Security pp 121-134 | Cite as

Secure applications of low-entropy keys

  • John Kelsey
  • Bruce Schneier
  • Chris Hall
  • David Wagner
Key ManagementFirst Online: 17 June 2005 Part of the Lecture Notes in Computer Science book series (LNCS, volume 1396)


We introduce the notion of key stretching, a mechanism to convert short s-bit keys into longer keys, such that the complexity required to brute-force search a s + t-bit keyspace is the same as the time required to brute-force search a s-bit key stretched by t bits.


Hash Function Block Cipher Collision Attack Cherry Pick Birthday Attack These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves. This is a preview of subscription content, log in to check access.


Unable to display preview. Download preview PDF.


  1. [Aba97] M. Abadi, personal communication.Google Scholar
  2. [BDRSSTW96] [BDRSSTW96] M. Blaze, W. Diffie, R. Rivest, B. Schneier, T. Shimomura, E. Thompson, and M. Wiener, “Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security,” January 1996.Google Scholar
  3. [DBP96] H. Dobbertin, A. Bosselaers, and B. Preneel, “RIPEMD-160: A Strengthened Version of RIPEMD,” Fast Software Encryption: Third International Workshop, Cambrdige, UK, February 1996 Proceedings, Springer-Verlag, 1996, pp. 71–82.Google Scholar
  4. [H80] M.E. Hellman, “A Cryptanalytic Time-Memory Trade Off,” IEEE Transactions on Information Theory, v. 26, n. 4, Jul 1980, pp. 401–406.Google Scholar
  5. [Knu81] D. Knuth, The Art of Computer Programming: Volume 2, Seminumerical Algorithms, Addison-Wesley, 1981.Google Scholar
  6. [Man96] U. Manber, “A Simple Scheme to Make Passwords Based on One-Way Functions Much Harder to Crack,” Computers & Security, v. 15, n. 2, 1996, pp. 171–176.Google Scholar
  7. [MT79] R.H. Morris and K. Thompson, “UNIX Password Security,” Communications of the ACM, v. 22, n. 11, Nov 1979.Google Scholar
  8. [NBS77] National Bureau of Standards, NBS FIPS PUB 46, “Data Encryption Standard,” National Bureau of Standards, U.S. Department of Commerce, Jan 1977.Google Scholar
  9. [NIST93] National Institute of Standards and Technology, NIST FIPS PUB 180, “Secure Hash Standard,” U.S. Department of Commerce, May 93.Google Scholar
  10. [QDD86] J.-J. Quisquater, Y. Desmedt, and M. Davio, “The Importance of ‘Good’ Key Schemes (How to Make a Secure DES with ≤ 48 Bit Keys?),” Advances in Cryptology—CRYPTO '85 Proceedings, Springer-Verlag, 1986, pp. 537–542.Google Scholar
  11. [Sch96] B. Schneier, Applied Cryptography, Second Edition, John Wiley & Sons, 1996.Google Scholar
  12. [Tre97] Peter Trei, personal communication, 1997.Google Scholar
  13. [Wie94] M. Wiener, “Efficient DES Key Search,” TR-244, School of Computer Science, Carleton Unversity, May 1994.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • John Kelsey
    • 1
  • Bruce Schneier
    • 1
  • Chris Hall
    • 1
  • David Wagner
    • 2
  1. 1.Counterpane SystemsMinneapolis
  2. 2.Soda Hall, C.S. DivisionU. C. BerkeleyBerkeley

Personalised recommendations

Cite paper

Buy options


We use cookies to improve your experience with our site. More information