Demystifying Key Stretching and PAKEs

Explore the intricacies of key stretching and Password-Authenticated Key Exchanges (PAKEs) in this 40-minute Black Hat conference talk. Delve into the history, common myths, and best practices surrounding these crucial cryptographic techniques. Learn about the impact of key stretching on secret recovery, potential pitfalls to avoid, and recommended minimum safe settings. Discover how PAKEs can enhance security for encrypted cloud services and prevent various attacks. Gain insights into side-channel attacks and understand when key stretching is necessary with PAKEs. By the end of the talk, acquire enough knowledge to create basic key stretching algorithms and PAKEs, while being cautioned against using these experimental implementations in production environments.

Demystifying Key Stretching and PAKEs