securely expand a password to 128 bits
Posted: Wed Dec 06, 2006 9:27 am
Hello guys,
I'm trying to expand a password that will probably have less than 128 bits (16 characters) to exactly 128 bits in order to use it as a key for mysql AES encryption. I can't ask the users to input minimul 16 characters. It would suck. So I need to expand the password somehow. I don't think repeating it would be a good ideea since I know this would bring some cryptographic vulnerabilities. What can I try?
The best ideea i think is to make a hash of the pasword since this is securely expanded already then select 128 bits, but i'm not so sure it's so good. I wanted to consult with you first.
I would apreciate your opinion. Thanks!
I'm trying to expand a password that will probably have less than 128 bits (16 characters) to exactly 128 bits in order to use it as a key for mysql AES encryption. I can't ask the users to input minimul 16 characters. It would suck. So I need to expand the password somehow. I don't think repeating it would be a good ideea since I know this would bring some cryptographic vulnerabilities. What can I try?
The best ideea i think is to make a hash of the pasword since this is securely expanded already then select 128 bits, but i'm not so sure it's so good. I wanted to consult with you first.
I would apreciate your opinion. Thanks!