“Salting and Stretching” is just one section of Chapter 21 of Cryptography Engineering, but it’s applicable to web applications, so I thought I’d summarize it here. Salting and stretching are two techniques for storing secrets. They should always be used, for example when storing passwords in a database. Salting A salt is just a random […]