I want to use Rfc2898 in c# to derive a key. I also need to use SHA256 as Digest for Rfc2898. I found the class Rfc2898DeriveBytes
, but it uses SHA-1 and I don't see a way to make it use a different digest.
Is there a way to use Rfc2898 in c# with SHA256 as digest (short of implementing it from scratch)?
When to Use PBKDF2? Today PBKDF2 is considered old-fashioned and less secure than modern KDF functions, so it is recommended to use Bcrypt, Scrypt or Argon2 instead. We shall explain all these KDF functions in details later in this section.
PBKDF2 applies a pseudorandom function, such as hash-based message authentication code (HMAC), to the input password or passphrase along with a salt value and repeats the process many times to produce a derived key, which can then be used as a cryptographic key in subsequent operations.
PBKDF2 makes use of HMAC with any one of approved hash functions as it PRF. In PBKDF2, HMAC function is executed c \times len and the number of iteration count c needs to be large enough to provide security of the generated keys (c needs to be at least 1,000 and for higher security it needs to be 10,000,000) [2, 3].
PBKDF2 is a Password-Based Key Derivation Function described in PKCS #5 [3], [22]. For providing better resistance against brute force attacks, PBKDF2 introduces CPU-intensive operations. These operations are based on an iterated pseudorandom function (PRF) which maps input values to a derived key.
.NET Core has a new implementation of Rfc2898DeriveBytes
.
The CoreFX version no longer has the the hashing algorithm hard-coded
The code is available on Github. It was merged to master on March 2017 and has been shipped with .NET Core 2.0.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With