Fork me on GitHub
#crypto
<
2017-04-04
>
vikeri13:04:06

Hello, general question about crypto, if I want to use a secure hash function like bcrypt but I want the output to not be linkable to the input salt. I.e. not to check that a password is correct but to generate a key that can be used for lookup. Do I just use bcrypt and cut off the part of the output value that is the salt (feels hacky), or do I use some other hash algorithm? I would like to not use the SHA family since they seem to be less secure than bcrypt and other “slower” algorithms.

vikeri13:04:33

And Clojure related, what is the best way to use the chosen hash algorithm, I saw there were multiple implementations in Java of Bcrypt for example.