@techreport{kistel-encrypted-password-storage-00,
    number =    {draft-kistel-encrypted-password-storage-00},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-kistel-encrypted-password-storage/00/},
    author =    {Robert Kisteleki},
    title =     {{Password Storage Using Public Key Encryption}},
    pagetotal = 5,
    year =      2013,
    month =     dec,
    day =       8,
    abstract =  {Current password storage methods predominantly use cryptographic hash functions in order to avoid storing users' passwords in clear text. Unfortunately, recent advancements in hardware design (notably GPUs) allow an attacker to try millions or even billions of password guesses per second which makes "decryption" of simple passwords feasible in short amounts of time. This document describes a password storage scheme that incorporates public key encryption in order to slow down password verification. Since public key algorithms are several orders of magnitude slower than hash functions, the result makes it much harder for an attacker to discover users' passwords from the stored, encrypted format.},
}