Key Stretching
Key stretching is a cryptographic technique designed to transform a password into a longer, more complex key. The objective is to slow down the process of deriving the original password, making it computationally infeasible for attackers to break into a system by brute force or dictionary attacks. In essence, key stretching stretches the time and effort required for hacking attempts. Key stretching can be implemented through various techniques, including the following:
- Password-Based Key Derivation Function 2 (PBKDF2): This widely used method iterates through a hash function multiple times, effectively slowing down the key derivation process
- Bcrypt: Specifically designed to address password hashing, Bcrypt incorporates salt and multiple rounds of hashing to amplify the time required for each iteration