PBKDF2 (Password-Based Key Derivation Function 2) is a key derivation function that is part of RSA Laboratories Public-Key Cryptography Standards (PKCS) series. The standard recommends a salt length of at least 64 bits.

If PBKDF2 has been used and someone obtains your data (typically passwords) and attempts to run a cracking tool they will only be able to perform tens of thousands of guesses per second instead of millions or billions of guesses per second. To protect transmission of data it is also necessary to use public key cryptography, ideally with a protocol such as Fully Hashed MQV which provides Perfect Forward Secrecy.

PBKDF2 applies a pseudorandom function, such as a cryptographic hash, cipher, or HMAC to the input password or passphrase along with a salt value and repeats the process many times to produce a derived key, which can then be used as a cryptographic key in subsequent operations. The added computational work makes password cracking much more difficult, and is known as key stretching. In 2000 the recommended minimum number of iterations was 1000. The parameter is intended to be increased over time as CPU speeds increase. Having a salt added to the password reduces the ability to use precomputed hashes (rainbow tables) for attacks, and means that multiple passwords have to be tested individually, not all at once.

Systems that use PBKDF2 include FileVault; TrueCrypt; Mac OS X Mountain Lion; Apple iOS mobile operating system; WinZip AES Encryption; Django; MODX; OpenDocument encryption used in OpenOffice.org; Microsoft Windows Data Protection API (DPAPI); Cisco IOS and IOS XE Type 4 password hashes; Firefox Sync; Filesystem encryption in the Android operating system; and Wi-Fi Protected Access (WPA and WPA2) used to secure Wi-Fi wireless networks.

The php function hash_pbkdf2 generates a PBKDF2 key derivation of a supplied password in PHP v5.5+. Workarounds exist for older versions although password_hash() or crypt() with CRYPT_BLOWFISH are better suited for password storage.

This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article “PBKDF2”.