What is “key windup?”

When writing encryption, it is best practice to hash the password, such that the password cannot be recovered from the data, even if the ciphertext is deciphered by (usually statistical) analysis.

A modification, is to hash the password several thousand times. This assists in making the algorithm hard to brute force.

An informal name for the practice of hashing the password repeatedly, several thousand times, to generate the key, is “key windup.”

The reason for the procedure, is that it might take one twentieth (1/20) of a second to generate the key in this manner, but after that, encryption/decryption can proceed at full throttle. This means that at every human intervention, the time lost is insignificant. However, when an automaton attempts to brute force the same algorithm for some large number of keys, it finds that it can only “try” 20 passwords per second.

While the hashing would be standardized for any given implementation, there is no reason that it must be only sha1 or md5. Any combination of the various available hashes would be agreeable, and some encryption programs offer a drop down menu with a selection of these.

Good standardized hashes include, but are not limited to :

  • sha1
  • sha224
  • sha256
  • sha384
  • sha512
  • AES Keccak (sha3)
  • whirlpool
  • skein
  • ripemd

The trusty (and easy to use) Message Digest 5 is mathematically “broken,” because it is possible to offer a plaintext that digests to a similar value to a digital authority, but as a practical matter, no one can produce a counterfeit document that will pass as an original to a human, that hashes to the same md5 checksum.

Advertisements

About James Johnson

I am an amateur mathematician & political theorist who enjoys (occasionally cerebral) humor.
This entry was posted in Uncategorized and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s