PBKDF2PBKDF2 (Password-Based Key Derivation Function 2) is a key derivation function, which takes an input string, salt, and a number of rounds, and then outputs a byte stream a given size. This is then typically used with AES encryption, in order to secure the data. A 256-bit key has 32 bytes, and a 128-bit key has 16 bytes. It also uses a hashing method to process the output, such as with HMAC-SHA256 and HMAC-SHA512. One of its important advantages is that the conversion can be slowed down using increasing the number of rounds for the hashing process. OutlinePBKDF2 is a slow key derivation function, which takes an input string, salt, and a number of rounds. Test vectors for HMAC-SHA256 from RFC6070 are: Input: P = "password" (8 octets) S = "salt" (4 octets) c = 1 dkLen = 20 Output: DK = 12 0f b6 cf fc f8 b3 2c 43 e7 22 52 56 c4 f8 37 a8 65 48 c9 Try Input: P = "password" (8 octets) S = "salt" (4 octets) c = 2 dkLen = 20 Output: DK = ae 4d 0c 95 af 6b 46 d3 2d 0a df f9 28 f0 6d d0 2a 30 3f 8e Try Input: P = "password" (8 octets) S = "salt" (4 octets) c = 4096 dkLen = 20 Output: DK = c5 e4 78 d5 92 88 c8 41 aa 53 0d b6 84 5c 4c 8d 96 28 93 a0 Try Input: P = "passwordPASSWORDpassword" (24 octets) S = "saltSALTsaltSALTsaltSALTsaltSALTsalt" (36 octets) c = 4096 dkLen = 25 Output: DK = 34 8c 89 db cb d3 2b 2f 32 d8 14 b8 11 6e 84 cf 2b 17 34 7e bc 18 00 18 1c Try and for HMAC-SHA512 [here]: Password Salt Iterations Outputbytes SHA-512 0xResultInHex password salt 1 64 867F70CF1ADE02CFF3752599A3A53DC4AF34C7A669815AE5D513554E1C8CF252C02D470A285A0501BAD999BFE943C08F050235D7D68B1DA55E63F73B60A57FCE Try password salt 2 64 E1D9C16AA681708A45F5C7C4E215CEB66E011A2E9F0040713F18AEFDB866D53CF76CAB2868A39B9F7840EDCE4FEF5A82BE67335C77A6068E04112754F27CCF4E Try password salt 4096 64 D197B1B33DB0143E018B12F3D1D1479E6CDEBDCC97C5C0F87F6902E072F457B5143F30602641B3D55CD335988CB36B84376060ECD532E039B742A239434AF2D5 Try passwordPASSWORDpassword saltSALTsaltSALTsaltSALTsaltSALTsalt 4096 64 8C0511F4C6E597C6AC6315D8F0362E225F3C501495BA23B868C005174DC4EE71115B59F9E60CD9532FA33E0F75AEFE30225C583A186CD82BD4DAEA9724A3D3B8 Try CodeThe following defines some Python code:: st = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon cactus" salt="mnemonicBILL" rounds=2048 keylen=64 method='hmac-sha512' from passlib.utils.pbkdf2 import pbkdf2 import sys if (rounds>4096): print ("Too many rounds") sys.Exit() s2 = pbkdf2(st, salt, rounds, keylen=keylen, prf=method) print ("String:\t\t",st) print ("Salt:\t\t",salt) print ("Rounds:\t\t",rounds) print ("Key length:\t",keylen) print ("Method:\t\t",method) print ("\nHash: ",s2.hex()) # d184a269b4ea26dec12ed35e432e7d687a3b2b767a74e6b01b4009f991eda6dfbcc5f98e31409db7560a5640698094dcc190a0532f1360972e4cf3a8b594f936 A sample run is: String: passwordPASSWORDpassword Salt: saltSALTsaltSALTsaltSALTsaltSALTsalt Rounds: 4096 Key length: 25 Method: hmac-SHA256 Hash: 348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c Presentation |