Questions tagged [rfc2898]

RFC 2898 issued by the IETF in 2000 is about "PKCS #5: Password-Based Cryptography Specification Version 2.0" and is mainly a republication of PKCS #5 v2.0 from RSA Laboratories' Public-Key Cryptography Standards (PKCS) series

Abstract from official RFC file:

This memo represents a republication of PKCS #5 v2.0 from RSA Laboratories' Public-Key Cryptography Standards (PKCS) series, and change control is retained within the PKCS process. The body of this document, except for the security considerations section, is taken directly from that specification.

This document provides recommendations for the implementation of password-based cryptography, covering key derivation functions, encryption schemes, message-authentication schemes, and ASN.1 syntax identifying the techniques.

The recommendations are intended for general application within computer and communications systems, and as such include a fair amount of flexibility. They are particularly intended for the protection of sensitive information such as private keys, as in PKCS #8 [25]. It is expected that application standards and implementation profiles based on these specifications may include additional constraints.

Other cryptographic techniques based on passwords, such as password-based key entity authentication and key establishment protocols [4][5][26] are outside the scope of this document. Guidelines for the selection of passwords are also outside the scope.

33 questions

votes

1 answer

Why do I need to use the Rfc2898DeriveBytes class (in .NET) instead of directly using the password as a key or IV?

What is the difference between using Rfc2898DeriveBytes and just using Encoding.ASCII.GetBytes(string object);? I have had relative success with either approach, the former is a more long winded approach where as the latter is simple and to the…

c# cryptography rfc2898

asked Apr 17 '10 at 16:58

IbrarMumtaz

4,235
7
44
63

votes

4 answers

PBKDF2 implementation in C# with Rfc2898DeriveBytes

Guys, I'm trying to implement a PBKDF2 function in C# that creates a WPA Shared key. I've found some here: http://msdn.microsoft.com/en-us/magazine/cc163913.aspx that seems to produce a valid result, but it's one byte too short... and the wrong PSK…

c# pbkdf2 rfc2898

asked Jun 25 '09 at 22:48

Nick

2,913
12
40
52

votes

3 answers

PasswordDeriveBytes vs Rfc2898DeriveBytes, Obsolete but way faster

I'm working on a encryption functionality based on classes inherited from SymmetricAlgorithm such as TripleDes, DES, etc. Basically there're two options to generate consistent key and IV for my algorithm class, PasswordDeriveBytes and…

.net cryptography rfc2898 pbkdf2

asked Aug 31 '09 at 10:54

tshao

1,127
2
8
23

votes

3 answers

How to encrypt in VBScript using AES?

I am looking to encrypt some data using Rijndael/AES in VBScript using a specific key and IV value. Are there any good function libraries or COM components that would be good to use? I looked at CAPICOM; it allows a passphrase only, and won't allow…

asp-classic vbscript aes rijndael rfc2898

asked Nov 06 '08 at 22:05

Jon

votes

4 answers

JavaScript: How to generate Rfc2898DeriveBytes like C#?

EDIT: Per discussion in the comments, let me clarify that this will be happening server side, behind SSL. I do not intend to expose the hashed password or the hashing scheme to the client. Assume we have an existing asp.net identity database with…

javascript c# asp.net-identity cryptojs rfc2898

asked Feb 24 '15 at 21:18

Gojira

2,941
2
21
30

votes

1 answer

Password Hash via Rfc2898DeriveBytes - what to pass to getBytes

I am using Rfc2898DeriveBytes to hash passwords. However I am unsure as to what to pass to the GetBytes method which expects an int. What value should I pass to this and why? Rfc2898DeriveBytes hasher = new Rfc2898DeriveBytes(password,…

c# .net hash pkcs#5 rfc2898

asked Mar 18 '13 at 16:36

AJM

32,054
48
155
243

votes

2 answers

Does salt need to be random to secure a password hash?

I know very little about security (I need to find a basic explanation of the basics) and am trying to come up with a reasonable way to store user passwords in a database using .Net. Here's my current solution: private static byte[]…

security passwords rfc2898

asked Feb 08 '12 at 14:54

C.J.

6,789
7
36
45

votes

4 answers

Java equivalent of C#'s Rfc2898DerivedBytes

I was wondering if anyone have tried to do an equivalent of Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(secret, saltValueBytes); byte[] secretKey = key.GetBytes(16); in Java. Where secret is a string(password), and saltValueBytes is, well, a…

c# java algorithm encryption rfc2898

asked Jun 18 '09 at 12:27

El Che

1,301
3
15
33

votes

2 answers

How does RFC2898DeriveBytes generate an AES key?

I saw some code like string password = "11111111"; byte[] salt = Encoding.ASCII.GetBytes("22222222"); Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(password, salt); RijndaelAlg.Key = key.GetBytes(RijndaelAlg.KeySize / 8); I can see the key is…

c# encryption aes rijndael rfc2898

asked Dec 20 '09 at 22:06

Kelvin

1,103
2
11
16

votes

3 answers

Public Overrides Function GetBytes() As Byte() is obsolete

What does the poet try to say? Public Overrides Function GetBytes() As Byte() is obsolete: Rfc2898DeriveBytes replaces PasswordDeriveBytes for deriving key material from a password and is preferred in new applications. Should i replace this…

security cryptography rijndael obsolete rfc2898

asked Sep 29 '09 at 18:34

OrElse

9,709
39
140
253

votes

1 answer

Generate Rfc2898DeriveBytes key in JavaScript from C#

I have an application that encrypts and decrypts a field in C# using Rfc2898DeriveBytes. I have been trying to work out a cross platform solution using CryptoJS PBKDF2 to write a decrypt method in JavaScript. However, I have not been able to figure…

javascript c# encryption cryptojs rfc2898

asked Nov 27 '20 at 17:01

nashcheez

5,067
1
27
53

votes

0 answers

Choosing salt and key size for Rfc2898DeriveBytes

I'm working on upgrading the password hashing function in a legacy asp.net application. It was using Rfc2898DeriveBytes with the default SHA1. I've upgraded the application now to .Net 4.7.2, so I'm now able to choose a better hashing…

asp.net sha2 rfc2898

asked Oct 20 '20 at 11:43

user1751825

4,029
1
28
58

votes

1 answer

RFC2898DeriveBytes not decrypting

I am having some issues using RFC2898DeriveBytes. Here is the situation: I am creating a public/private key pair using RSACryptoProvider and I use Rfc2898 to encrypt the private key file. I am using the following code for encryption: …

c# encryption rfc2898

asked Mar 29 '13 at 09:55

coffeeak

2,980
7
44
87

vote

1 answer

Converting .Net decryption to Java

Currently I'm working on a project where they use AES encryption with RFC2898 derived bytes. This the decryption method that I've provided. Now I need to implement it in java. private string Decrypt(string cipherText) { string…

java .net encryption aes rfc2898

asked Feb 25 '20 at 04:43

Abdullah Al Mamun

vote

1 answer

AES 256 bit encryption with Rfc2898DeriveBytes

I've run into a confusing use of AES with Rfc2898DeriveBytes. Here's the code that I've found.... public static string Decrypt(string encryptionKey, string cipherValue) { byte[] cipherBytes = Convert.FromBase64String(cipherValue); …

c# encryption cryptography aes rfc2898

asked Apr 25 '17 at 14:23

Crash5998

2 3 Next