Key Stretching and Salting (Security+)


Examine the figure (click to enlarge).

Questions: 1. What did I encrypt? 2. How many iterations (or rounds) were performed?

(see answer below and video response)



I created a password for the GRUB bootloader in Linux and encrypted it using PBKDF2. This utilized the SHA512 cryptographic hash which ran for 10,000 rounds (iterations). The amount of rounds can be modified, but be careful when doing so – as it may increase computational time considerably -, and be sure to test it before putting a system into production.

The video solution below describes key stretching, salting and PBKDF2.

Video Solution:

Want to learn more? Check out my Security+ SY0-501 Cert Guide:


It has over 800 pages of content, 600 questions and answers, and 50 real-world scenarios included at the companion website. Get yours today at Amazon or PearsonITCertification