
KeyDerivation in MSDN:

Performs key derivation using the PBKDF2 algorithm.

Rfc2898DeriveBytes in MSDN:

Implements password-based key derivation functionality, PBKDF2, by using a pseudo-random number generator based on HMACSHA1.

Aren't those the same things? We can set the hashing algorithm in both methods.

SpiritBob
  • Does this help you? [Rfc2898 / PBKDF2 with SHA256 as digest in c#](https://stackoverflow.com/q/18648084/1820553) – kelalaka Jan 24 '20 at 17:31
  • 1
    @kelalaka it helps me understand that perhaps there is no difference? PBKDF2 previously could only encrypt with SHA-1, but now it offers a constructor to encrypt in any way possible, leading to this exact question - is there any difference between the two? – SpiritBob Jan 27 '20 at 08:50
  • Originally, no, there is no difference, since they both implement Rfc2898DeriveBytes, which states SHA1, and these are mentioned on their half manual pages. Checking them should be easy if you have the development environment. – kelalaka Jan 27 '20 at 10:02
  • @kelalaka Indeed, I'll do it once I've got time and update it with an answer if they are indeed the same, or if for some reason they end up different. I'll simply use the same hashing algorithm, salt, byte array etc. for both classes, and compare their produced values. – SpiritBob Jan 27 '20 at 10:36

1 Answer


Both functions do the same thing (when both used with the same parameters, they generate the same cryptographic key).

The only difference in their design is that Rfc2898DeriveBytes offers many more algorithms for encryption, whereas KeyDerivation offers fewer and is also a package that needs to be downloaded. (It exists pre-installed only in ASP.NET/ASP.NET Core, unless I'm mistaken.)

From a performance perspective (benchmarks are my own), at one point KeyDerivation was much faster, especially in SHA-1 computations, but after testing for 10 to 15 minutes straight, it seems they evened out, so I can't really say which is more efficient. What I can say is that you'll need an extra assignment for Rfc2898DeriveBytes, which you will either immediately dispose or re-use throughout your application's lifespan, whereas KeyDerivation does not need any ceremony in its usage. That, of course, comes at the price of its limited algorithms.

If you constantly dispose and instantiate a new Rfc2898DeriveBytes (not re-used, which is the case 90% of the time due to the inability to change the supplied password), I believe KeyDerivation is much, much faster. (My benchmarks showed a 50% penalty in speed.)

SpiritBob
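The comparison the asker proposes in the comments and the answer asserts (same password, salt, iteration count and PRF in both APIs yields the same key), written out as an added example; this is not code from the question, the answer or Microsoft's documentation. It assumes .NET 6 or later (for `Rfc2898DeriveBytes.Pbkdf2`, `Convert.ToHexString` and `CryptographicOperations.FixedTimeEquals`) and the `Microsoft.AspNetCore.Cryptography.KeyDerivation` package being referenced. The password and the fixed 16-byte salt are constructed values for the demonstration only. It also shows the one behavioural trap in reusing an `Rfc2898DeriveBytes` instance that the answer's "re-use throughout your application's lifespan" remark glosses over: `GetBytes` is a stream, so a second call returns the next block of PBKDF2 output, not the same key again.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using Microsoft.AspNetCore.Cryptography.KeyDerivation;

static class Pbkdf2Compare
{
    const int Iterations = 100_000;
    const int KeyLength = 32; // bytes of derived key

    static void Main()
    {
        // Constructed demo inputs. In real code the salt comes from
        // RandomNumberGenerator.GetBytes(16) and is stored next to the hash.
        string password = "correct horse battery staple";
        byte[] salt = Encoding.ASCII.GetBytes("0123456789abcdef"); // 16 bytes; Rfc2898DeriveBytes rejects salts shorter than 8

        // 1. Microsoft.AspNetCore.Cryptography.KeyDerivation: one static call, no state, nothing to dispose.
        byte[] k1 = KeyDerivation.Pbkdf2(password, salt, KeyDerivationPrf.HMACSHA256, Iterations, KeyLength);

        // 2. System.Security.Cryptography.Rfc2898DeriveBytes: an IDisposable instance that
        //    holds password, salt, iteration count and a position in the PBKDF2 output stream.
        byte[] k2;
        using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations, HashAlgorithmName.SHA256))
        {
            k2 = kdf.GetBytes(KeyLength);

            // Trap: GetBytes continues the output stream. The second call yields bytes 32..63
            // of PBKDF2 output, which are different from k2.
            byte[] next = kdf.GetBytes(KeyLength);
            Console.WriteLine("second GetBytes equals first: " + CryptographicOperations.FixedTimeEquals(k2, next));

            // Reset() rewinds the stream; only then does a reused instance give the same key again.
            kdf.Reset();
            byte[] again = kdf.GetBytes(KeyLength);
            Console.WriteLine("after Reset equals first:     " + CryptographicOperations.FixedTimeEquals(k2, again));
        }

        // 3. .NET 6+ static helper on the same class: same algorithm, no instance lifecycle at all.
        byte[] k3 = Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, KeyLength);

        // Constant-time comparison so the check itself does not leak timing about key bytes.
        Console.WriteLine("KeyDerivation.Pbkdf2 == Rfc2898DeriveBytes.GetBytes: " + CryptographicOperations.FixedTimeEquals(k1, k2));
        Console.WriteLine("KeyDerivation.Pbkdf2 == Rfc2898DeriveBytes.Pbkdf2:   " + CryptographicOperations.FixedTimeEquals(k1, k3));
        Console.WriteLine("key (hex): " + Convert.ToHexString(k1));
    }
}
```

Both APIs UTF-8-encode the password and implement PBKDF2 as specified in RFC 8018, so the three derived keys agree. Which one you pick is therefore about API shape, not about output: the static calls (`KeyDerivation.Pbkdf2`, or `Rfc2898DeriveBytes.Pbkdf2` on .NET 6+) avoid both the allocation the answer measured and the `GetBytes` stream-position trap shown above.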