This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
PBKDF2
PBKDF2

Version management

Difference between version and

At line 1 added 20 lines
!!! Overview
[{$pagename}] ([Password-Based Key Derivation Function] 2) is a [Key Derivation Function] that is part of [RSA] Laboratories' [Public-Key Cryptography Standards] ([PKCS]) series, specifically [PKCS #5|PKCS5] v2.0, also published as Internet Engineering Task Force's [RFC 2898].
[{$pagename}] replaces an earlier standard, [PBKDF1], which could only produce derived keys up to 160 bits long.
[{$pagename}] applies a [pseudorandom function], such as a [cryptographic Hash Function], [cipher], or [HMAC] to the input [password] or passphrase along with a [salt] value and repeats the process many times to produce a derived key, which can then be used as a [cryptographic] key in subsequent operations.
The added computational work makes password cracking much more difficult, and is known as key stretching. When the standard was written in 2000, the recommended minimum number of iterations was 1000, but the parameter is intended to be increased over time as CPU speeds increase.
Having a [salt] added to the password reduces the ability to use precomputed hashes (rainbow tables) for attacks, and means that multiple passwords have to be tested individually, not all at once. The standard recommends a [salt] length of at least 64 bits
!! [{$pagename}] [NIST]
[{$pagename}] is also described in [NIST.SP.800-132].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [PBKDF2|Wikipedia:PBKDF2|target='_blank'] - based on data observed: 2015-09-18
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop