view release on metacpan or  search on metacpan

lib/Authen/Passphrase/SaltedSHA512.pm  view on Meta::CPAN

Authen::Passphrase::SaltedSHA512 is a subclass of
L<Authen::Passphrase::SaltedDigest|http://search.cpan.org/perldoc?Authen::Passphrase::SaltedDigest>
that overrides the constructor to provide reasonable defaults so that you
don't have to spend a week reading articles on which algorithm to use, and how
to generate a good salt.

The hashing algorithm chosen is the SHA-512 hash function from the SHA-2
family.  Currently SHA-512 is a leading edge standard in strong hashing.

The salt generated when creating authentication credentials is a 512 bit
random string.  The random number generating algorithm used comes from
L<Bytes::Random::Secure|http://search.cpan.org/perldoc?Bytes::Random::Secure>.
That module uses Math::Random::ISAAC, "I<...a cryptographically-strong random
number generator with no known serious weaknesses.>"  Bytes::Random::Secure
obtains its seed using Crypt::Random::Seed.  The reason that
Bytes::Random::Secure was chosen over other random number generators is because
that module has a light-weight dependency chain, a cryptographically strong
random number generator, strong seeding (the hardest part of the CSPRNG problem)
across a wide variety of platforms, and useful hex output.