01-10-2013, 11:10 AM
(01-09-2013, 05:02 PM)Kuci Wrote: Personaly I need HMAC-SHA256 to be added into oclHashcat and other HMAC algos would be good too. THUMB UP.
This is my current recommendation to people for password storage, although I suggest they use it as part of PBKDF2 with lots of rounds.
Don't know how common it actually is now for password storage but hopefully it will catch on more.
It's definitely used/recommended frequently in signature schemes so could be useful there to try to derive a signing key if the message was known (or mostly known).