PBKDF2, defined in RFC 2898, is a specific Key Derivation Function (KDF). A KDF is simply any mechanism for taking a password (something a user remembers or stores in a password manager) and turning it into a symmetric key suitable for cryptographic operations (i.e., AES).
PBKDF2 takes as input a password, a salt (see TWOTW Salt and Pepper), an integer defining how many “iterations” of the hash function to undergo, and an integer describing the desired key length for the output.
source: https://www.ssltrust.com/blog/pbkdf2-password-key-derivation
PBKDF2 applies a pseudorandom function, such as hash-based message authentication code (HMAC), to the input password or passphrase along with a salt value and repeats the process many times to produce a derived key, which can then be used as a cryptographic key in subsequent operations. The added computational work makes password cracking much more difficult, and is known as key stretching (see TWOTW Key Stretching).
In 2023, OWASP recommended to use 600,000 iterations for PBKDF2-HMAC-SHA256 and 210,000 for PBKDF2-HMAC-SHA512.
Algorithmic representation of the iterative process of PBKDF2.
Having a salt added to the password reduces the ability to use precomputed hashes (rainbow tables) (see TWOTW Rainbow Tables) for attacks, and means that multiple passwords have to be tested individually, not all at once. The public key cryptography standard recommends a salt length of at least 64 bits. The US National Institute of Standards and Technology recommends a salt length of at least 128 bits.
source: https://en.wikipedia.org/wiki/PBKDF2
Further reading: Password Storage Cheat Sheet
No comments:
Post a Comment