Password Security: Information Theory and Key Derivation

1. Foundations of Information-Theoretic Password Strength
    1.1 Shannon Entropy and Its Misapplication
    1.2 The Information-Theoretic Case for Length Over Complexity
    1.3 Passphrases and Dictionary-Based Selection
2. Cryptographic Primitives: The Evolution of Password Hashing
    2.1 The Fundamental Distinction: Hash Functions vs. KDFs
    2.2 The Cryptanalytic Advantage: GPU and ASIC Acceleration
    2.3 PBKDF2: The CPU-Hardening Attempt
    2.4 bcrypt: Memory-Based Instruction Hardening
    2.5 scrypt: The Memory-Hard Pioneer
    2.6 Argon2: The Current State of the Art
        2.6.1 Design Philosophy
        2.6.2 Memory-Hard Construction
        2.6.3 Three Variants
        2.6.4 Parameter Selection (RFC 9106 Guidelines)
            Python example using argon2-cffi
            Verification takes ~500ms on modern hardware
3. Salt, Pepper, and Protection Against Precomputation Attacks
    3.1 The Rainbow Table Attack
    3.2 The Pepper: Adding an Application-Secret
    3.3 k-Anonymity and Breach Detection
4. Threat Modeling for Password Storage Systems
    4.1 Attack Surface Analysis
    4.2 The Offline Attack Scenario
    4.3 Storage Format and Migration
5. NIST SP 800-63B: Modern Standards and Their Rationale
    5.1 The Paradigm Shift
    5.2 Technical Rationale
    5.3 Implementation Checklist
6. Best Practices for Engineering Teams
    6.1 Algorithm Selection Decision Tree
    6.2 Parameter Tuning Guidelines
    6.3 Security Testing Protocol
7. Future Directions and Emerging Threats
    7.1 Quantum Computing Considerations
    7.2 Hardware Security Modules
    7.3 Post-Quantum Credential Storage
8. Conclusion