Implementation of Password Based Key Derivation Function, from RSA labs.
See PKCS # 5 / RFC 2898 from rsa labs: and haskell cafe discussion on why password hashing is a good idea for web apps and a suggestion that this be implemented:
hashedpass = pbkdf2 ( Password . toOctets $ "password" ) ( Salt . toOctets $ "salt" )
- pbkdf2 :: Password -> Salt -> HashedPass
- pbkdf2' :: ([Word8] -> [Word8] -> [Word8], Integer) -> Integer -> Integer -> Password -> Salt -> HashedPass
- newtype Password = Password [Word8]
- newtype Salt = Salt [Word8]
- newtype HashedPass = HashedPass [Word8]
- toOctets :: Binary a => a -> [Word8]
- fromOctets :: Binary a => [Word8] -> a
A reasonable default for rsa pbkdf2.
pbkdf2 = pbkdf2' (prfSHA512,64) 5000 64
SHA512 outputs 64 bytes. At least 1000 iters is suggested by PKCS#5 (rsa link above). I chose 5000 because this takes my computer a little over a second to compute a simple key derivation (see t test function in source)
Dklen of 64 seemed reasonable to me: if this is being stored in a database, doesn't take too much space.
Computational barriers can be raised by increasing number of iters
Password Based Key Derivation Function, from RSA labs.
pbkdf2' (prf,hlen) cIters dklen (Password pass) (Salt salt)
prf: pseudo random function
hlen: length of prf output
cIters: Number of iterations of prf
dklen: Length of the derived key (hashed password)