Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

I see jasypt uses salt and iteration count for creating digests. Does it also use them for generating keys for password-based encryption?

April 26, 2017creating Digests generating iteration jasypt keys password-based Salt uses

0

Posted

I see jasypt uses salt and iteration count for creating digests. Does it also use them for generating keys for password-based encryption?

1 Answer

0

Posted

Of course. You see the use of salt and iteration count more thoroughly explained in jasypt documentation when referred to digests, but this is simply because many people wrongly (and dangerously) forget about using them when doing digests of, say, passwords. Thus, it seemed important to remark its use when digesting. On the contrary, password-based encryption is usually done the right way, partly because the Java API for PBE enforces it to some extent. Anyway, jasypt offers you the advantage of transparently dealing with secure salt generation and checking. For more info about the way password-based encryption should be done (and is done by jasypt), see see PKCS #5: Password-Based Cryptography Standard.