Almacenamiento de contraseñas
The document provides guidelines on cryptographic functions, emphasizing the importance of considering current threats and the need for specific adaptations due to varying information system objectives. It highlights recommended password hashing algorithms with minimum parameters, stressing the significance of updating stored password hashes for enhanced security. Expert cryptographers Simone Dutto, Sergio Polese, and Giordano Santilli contributed to the document, underscoring the expertise behind the recommendations.
Furthermore, it discusses the characteristics of hash functions, their suitability for password storage, and the potential vulnerabilities associated with simple cryptographic hash functions. The document advises against storing passwords using basic hash functions and suggests key derivation functions for enhanced security. It also addresses the risks of quantum computing attacks on password hash functions and recommends doubling the hash size to maintain current security standards effectively.
In conclusion, the document underscores the critical nature of secure password storage practices, the importance of continuous evaluation of proposed solutions, and the need to stay abreast of evolving cryptographic threats for robust data protection.
