How to Store Sensitive Information in 2020

Virtual October 22, 2020 2:00 pm - 2:40 pm Feedback     

Bookmark and Share

Mansi Sheth

It goes without saying never ever store personal/sensitive information in clear text. It is also a well-known fact salting, hashing, or stretching your information can provide little protection against contemporary computer architectures and modern brute force attack constructs. Those abreast with this subject would have come across countless advocatory material suggesting using key derivation functions (KDFs) to store sensitive information. There are a handful of solid KDFs, which are good candidates to use for storing sensitive information such as pbkdf2, bcrypt, scrypt, Argon2. In this talk, lets dive deeper to study some of its underlying crypto, what and how to tune these algorithms with secure input parameter configurations and how to decide which algorithm would be the right choice for your needs. Lastly, I will present some statistics on how well all these different algorithms compare against each other.