Key derivation standards
Categories: cryptography
PKCS#5 defines two different key derivation functions.
PBKDF1 specifies a system based on a hash function. It implements salting and iteration, much as described earlier in this tutorial. The maximum size of the derived key is 160 bits.
PBKDF2 specifies a system based on a random number generator. Once again, it implements salting and iteration, as described earlier in this tutorial. The size of the derived key is virtually unlimited for most practical purposes.
The specification recommends PBKDF2 for new applications. This is mainly because PBKDF1 has a very limited key size. However, one reason for this is that PBKDF1 permits only MD2, MD5 or SHA-1 as the hash algorithm. There is no real reason why SHA-2 or RIPE could not be used, which would give a key size of up to 512 bits.
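The following Python sketch is an added example, not code from this tutorial or from the PKCS#5 specification. It implements both functions to show where the PBKDF1 size limit comes from and why PBKDF2 has none. It assumes HMAC as the keyed function inside PBKDF2 (as Python's `hashlib.pbkdf2_hmac` does); the password, salt and iteration count are constructed sample values, and the SHA-512 variant of PBKDF1 is the non-standard extension discussed above.

```python
import hashlib
import hmac

def pbkdf1(password, salt, iterations, dklen, hash_name="sha1"):
    """PBKDF1: T_1 = H(P || S), T_i = H(T_{i-1}); key = first dklen bytes of T_c."""
    if dklen > hashlib.new(hash_name).digest_size:
        # Only one hash output is ever produced, so it caps the key size.
        raise ValueError("derived key too long")
    t = hashlib.new(hash_name, password + salt).digest()
    for _ in range(iterations - 1):
        t = hashlib.new(hash_name, t).digest()
    return t[:dklen]

def pbkdf2(password, salt, iterations, dklen, hash_name="sha1"):
    """PBKDF2 with HMAC as the keyed function; one output block per counter value."""
    h_len = hashlib.new(hash_name).digest_size
    out = b""
    for i in range(1, -(-dklen // h_len) + 1):  # ceil(dklen / h_len) blocks
        u = hmac.new(password, salt + i.to_bytes(4, "big"), hash_name).digest()
        block = u
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hash_name).digest()
            block = bytes(a ^ b for a, b in zip(block, u))
        out += block  # blocks are concatenated, so length is not tied to h_len
    return out[:dklen]

def demo():
    password = b"correct horse battery staple"   # constructed sample input
    salt = bytes.fromhex("0001020304050607")      # constructed 8-byte salt
    results = {}
    results["pbkdf1_sha1_160"] = pbkdf1(password, salt, 1000, 20)
    try:
        pbkdf1(password, salt, 1000, 32)          # 256 bits from SHA-1: refused
    except ValueError as exc:
        results["pbkdf1_sha1_256"] = str(exc)
    # Not permitted by the standard: the same loop with SHA-512 reaches 512 bits.
    results["pbkdf1_sha512_512"] = pbkdf1(password, salt, 1000, 64, "sha512")
    results["pbkdf2_sha1_512"] = pbkdf2(password, salt, 1000, 64)
    return results

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value.hex() if isinstance(value, bytes) else value)
```

The 1000 iterations keep the demonstration fast; the count is a sample value, not a recommendation for protecting real passwords.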
See also
- Symmetric encryption
- Applications of symmetric encryption
- Symmetric block ciphers
- Symmetric encryption algorithms
- Cryptographic modes
- Block padding methods
- Attacks on symmetric ciphers
- Cryptographic hashes
- Strong hashing functions
- Applications of hashes
- Common hash algorithms
- Attacks on hash algorithms
- Iterative hashes
- Message authentication codes
- Common MAC algorithms
- HMAC algorithm
- Key derivation
- Dictionary attacks on keys
- Key derivation using hash functions
- Salting
- Key derivation using random number generators