Practical security improvement of PKCS#5

Sanghoon Song, Taekyoung Kwon, Ki Song Yoon

Research output: Contribution to journalArticle


A public key infrastructure (PKI) is being deployed in a field of network security. PKCS#5 is one of the most popular standards in PKI framework, intended for the practical implementation of password-based cryptography. So, the PKCS#5 encryption must be useful for general software applications within multimedia systems. However, it has a critical weak point in terms of security such as being vulnerable to off-line attacks due to the password-derived encryption key. In this paper, we observe a practical and simple method to improve security of the PKCS#5 encryption without modifying the installed base. The idea is to hide a salt by exploiting several existing schemes.

Original languageEnglish
Pages (from-to)869-876
Number of pages8
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Publication statusPublished - 2003 Dec 1


All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this