PBKDF2 (Password-Based Key Derivation Function) is a key derivation function that is part of RSA Laboratories' Public-Key Cryptography Standards (PKCS) series, specifically PKCS #5 v2.0, also published as Internet Engineering Task Force's RFC 2898. It replaces an earlier standard, PBKDF1, which could only produce derived keys up to 160 bits long.

PBKDF2 applies a pseudorandom function, such as a cryptographic hash, cipher, or HMAC to the input password or passphrase along with a salt value and repeats the process many times (1000 is a recommended minimum) to produce a derived key, which can then be used as a cryptographic key in subsequent operations. The added computational work makes password cracking much more difficult, and is known as key strengthening. By having a salt added to the password, this reduces the ability to use a preset dictionary to attack a password. The iterations increase the work that must be done on the attacker's side to build a brute force attack. If the salt is changed, the entire attack dictionary has to be rebuilt.

External links

• RSA PKCS #5 - Multiple Formats, and test vectors.
• RFC 2898

Authentication methods | Cryptography standards