Blockchain & Cryptocurrency Glossary

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

  • search-icon Clear Definitions
  • search-icon Practical
  • search-icon Technical
  • search-icon Related Terms

Password-Based Key Derivation Function 2

1 min read
Pronunciation
[pas-wurd beyst kee der-uh-vey-shuhn fuhngk-shuhn too]
Analogy
Imagine PBKDF2 as a highly secure machine that takes your password and a unique salt. It then puts them through a rigorous 'stretching and folding' process (like making taffy) thousands or even millions of times. This makes the final key much harder to guess even if someone knows the machine's design, because they'd have to repeat the entire lengthy process for every password guess.
Definition
A widely used key derivation function designed to produce a cryptographic key from a password or passphrase. PBKDF2 applies a pseudorandom function, such as HMAC, to the input password along with a salt value, and repeats the process many times.
Key Points Intro
PBKDF2 is a standard for deriving strong keys from passwords through iterative hashing.
Key Points

Specified in RFC 2898 (PKCS #5 v2.0).

Uses a salt to protect against rainbow table attacks.

Employs an iteration count (work factor) to make brute-force attacks slower.

Can derive keys of various lengths.

Relies on an underlying pseudorandom function, typically HMAC-SHA1, HMAC-SHA256, or HMAC-SHA512.

Example
Wi-Fi Protected Access (WPA2 and WPA3) security protocols use PBKDF2 to derive cryptographic keys from the Wi-Fi password. Full-disk encryption software often uses PBKDF2 to derive the encryption key from a user's passphrase.
Technical Deep Dive
PBKDF2 works by applying a pseudorandom function (PRF), such as HMAC-H (where H is a cryptographic hash function), to the password and salt. This process is repeated a configurable number of times (iteration count). For each iteration, the output of the PRF from the previous step is used as input for the current step. The more iterations, the longer it takes to compute the derived key, thus increasing the difficulty for an attacker. The final derived key is typically composed of one or more blocks generated by this iterative process. The iteration count should be set as high as practically possible for the given application and hardware.
Security Warning
While PBKDF2 is a strong KDF, its security relies heavily on a sufficiently high iteration count. As hardware improves, iteration counts need to be increased. PBKDF2 is primarily CPU-bound, which means it can be significantly accelerated by attackers using GPUs or ASICs. For new applications, memory-hard KDFs like Scrypt or Argon2 are often recommended as they are more resistant to such hardware acceleration.
Related Terms
PBKDF2
Key Derivation Function
KDF
Salt
HMAC
Scrypt

Password-Based Key Derivation Function 2 - Related Articles

No related articles for this term.