Balloon hashing

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Balloon hashing is a key derivation function presenting proven memory-hard password-hashing and modern design. It was created by Dan Boneh, Henry Corrigan-Gibbs (both at Stanford University) and Stuart Schechter (Microsoft Research) in 2016.[1][2]

The authors claim that Balloon:

Balloon is compared by its authors with Argon2, a similarly performing algorithm.[1]

Algorithm

[edit | edit source]

There are three steps in the algorithm:[1]

  1. Expansion, where an initial buffer is filled with a pseudorandom byte sequence derived from the password and salt repeatedly hashed.
  2. Mixing, where the bytes in the buffer are mixed time_cost number of times.
  3. Output, where a portion of the buffer is taken as the hashing result.

References

[edit | edit source]
  1. ^ a b c Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  2. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

Further reading

[edit | edit source]
  • Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  • Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
[edit | edit source]