04-16-2013, 11:06 PM
(04-16-2013, 10:45 PM)epixoip Wrote: a lot of the sha1 optimizations do not apply for hmac-sha1. the remarkable speeds come from cutting the total number of transforms required by 75%. defenders have to do 4x more work than an attacker,Then I continue to remain confused.
Isn't that speed up due to unpacking HMAC from PBKDF2 and is independent of the Agile Keychain Format? That is, isn't that a general issue with PBKDF2? That is, isn't that just about computing SHA1(ipad ^ pwd) once only instead of once per PBKDF2 round?