Skip to content
/ pbkdf2 Public

An implementation of the Password-Based Key Derivation Function 2 (PBKDF2) mechanism as per RFC 8018.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

carlosmakin/pbkdf2

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
benchmark
benchmark
 
 
lib
lib
 
 
test
test
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
README.md
README.md
 
 
analysis_options.yaml
analysis_options.yaml
 
 
pubspec.yaml
pubspec.yaml
 
 

Repository files navigation

PBKDF2 🔑

Overview

This Dart repository implements the Password-Based Key Derivation Function 2 (PBKDF2) as per RFC 8018. PBKDF2 is a widely-used method for deriving cryptographic keys from passwords. It is particularly effective in thwarting brute-force attacks due to its use of salt and variable iteration counts.

PBKDF2

PBKDF2 applies a pseudorandom function, such as HMAC, to the input password along with a salt value and repeats the process multiple times to produce a derived key. This key can then be used for secure data encryption.

Key Features:

  • Enhanced Security: Increases resistance against brute-force attacks through the use of salt and iterations.
  • Customizable: Allows for the selection of the hash function and adjustment of iteration counts based on security needs.
  • Versatile Application: Suitable for a wide range of cryptographic applications, including encryption key generation and password hashing.

Best Practices:

  • Use a sufficiently long and random salt to protect against rainbow table attacks.
  • Set a high iteration count to increase the time required for brute-force attacks.

Background and History

PBKDF2, standardized in RFC 8018, is an evolution in password-based cryptography, providing a method to safely derive cryptographic keys from passwords.

RFC 8018

RFC 8018 provides comprehensive guidelines on the implementation and usage of PBKDF2. It outlines the algorithm's mechanics, emphasizing security considerations crucial for its effective application.

Usage Examples

Real-World Use Case: Key Generation for Encryption

Scenario: Generating a strong encryption key from a passphrase.

import 'dart:typed_data';
import 'package:pbkdf2/pbkdf2.dart';

Uint8List passphrase = ...; // User-provided passphrase
Uint8List salt = ...; // A unique salt
int iterations = 10000; // Standard iteration count
int keyLength = 32; // Key length for AES encryption

// Generate key
Uint8List encryptionKey = PBKDF2.deriveKey(passphrase, salt, iterations, keyLength);

// Use encryptionKey for cryptographic purposes

Contribution

Contributions to improve the implementation, enhance security, and extend functionality are welcome. If you find any issues or have suggestions, please feel free to open an issue or submit a pull request.

About

An implementation of the Password-Based Key Derivation Function 2 (PBKDF2) mechanism as per RFC 8018.

Topics

pbkdf2 hmac dartlang rfc8018

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages