Saran, Ayse NurdanBilgisayar Mühendisliği2024-07-042024-07-042024Saran, Ayse Nurdan (2024). "On time-memory trade-offs for password hashing schemes", Frontiers in Computer Science, Vol. 6.2624-9898https://doi.org/10.3389/fcomp.2024.1368362A password hashing algorithm is a cryptographic method that transforms passwords into a secure and irreversible format. It is used not only for authentication purposes but also for key derivation mechanisms. The primary purpose of password hashing is to enhance the security of user credentials by preventing the exposure of plaintext passwords in the event of a data breach. As a key derivation function, password hashing aims to derive secret keys from a master key, password, or passphrase using a pseudorandom function. This review focuses on the design and analysis of time-memory trade-off (TMTO) attacks on recent password hashing algorithms. This review presents a comprehensive survey of TMTO attacks and recent studies on password hashing for authentication by examining the literature. The study provides valuable insights and strategies for safely navigating transitions, emphasizing the importance of a systematic approach and thorough testing to mitigate risk. The purpose of this paper is to provide guidance to developers and administrators on how to update cryptographic practices in response to evolving security standards and threats.eninfo:eu-repo/semantics/openAccessTime-Memory Trade-Offs (Tmtos)Password Hashing Schemes (Phs)Pbkdf2Dictionary AttacksRainbow TablesArticle610.3389/fcomp.2024.13683622-s2.0-85187864601WOS:001184814600001N/AQ3