04-17-2013, 05:41 AM
(04-16-2013, 04:46 PM)atom Wrote: The PBKDF2-HMAC-SHA1 part is what makes the entire calculation slow. For each iteration of PBKDF2-HMAC-SHA1 you call 4 times the SHA1 transform. But this is only to produce a 160 bit key. To produce the required 320 bit key, you call it 8 times.Our mistake, then, was in failing to realize how PBKDF2 degenerates when you ask it for 32 bytes but just give it the 20-byte SHA1 to work with.