PasswordDeriveBytes vs Rfc2898DeriveBytes, Obsolete but way faster

前端 未结 3 1621
深忆病人
深忆病人 2021-02-01 20:59

I\'m working on a encryption functionality based on classes inherited from SymmetricAlgorithm such as TripleDes, DES, etc.

Basically there\'re two options to generate co

相关标签:
3条回答
  • 2021-02-01 21:24

    They aren't the same thing.

    Rfc2898DeriveBytes is an implementation of PBKDF2. PasswordDeriveBytes is an implementation of PBKDF1. PBKDF2 generates a different output, using a different method, and a much larger number of rounds than PBKDF1.

    Password hashing functions, such as these, which are used for key derivation are supposed to be slow. That's the point - it makes them much more difficult to crack.

    The two functions are not compatible, and PasswordDeriveBytes is not nearly as secure.

    0 讨论(0)
  • 2021-02-01 21:28

    This blogpost talks about the differences between the two: http://blogs.msdn.com/shawnfa/archive/2004/04/14/generating-a-key-from-a-password.aspx

    0 讨论(0)
  • 2021-02-01 21:31

    I think you are missing the point of derivebytes. It is supposed to be slow. It intentionally uses slow algorithm which cannot be sped up by clever trick. The typical "number of iterations" parameter should be in 2^16-2^20 range and introduce a 0.1-0.5 second delay between user entering password and the key is generated. The intention is to defend against weak passwords selected by "lazy ignorant users" and slow down brute force search.

    0 讨论(0)
提交回复
热议问题