PBKDF2WithHmacSHA256密钥长度对输出长度的影响 [英] PBKDF2WithHmacSHA256 impact of key length to the output length
问题描述
考虑以下Java代码:
Consider the following java code:
KeySpec spec = new PBEKeySpec("pass".toCharArray(), "salt".getBytes(),
10000, 512);
SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
System.out.println(f.generateSecret(spec).getEncoded().length);
此代码输出" 64
".所以是64个字节,而SHA-256是32个字节的哈希.
This code outputs "64
". So 64 bytes, while SHA-256 is a 32 byte hash.
我知道我指定了512位(64字节)作为密钥长度.
但是,我会期望(PBKDF2)将由SHA-256进行哈希处理,因此输出应始终为32个字节,而不管我使用的密钥大小如何.
I know I specified 512 bits (64 byte) as the key length.
However I would expect that the generated key
(PBKDF2) will be hashed by SHA-256 so that the output should always be 32 bytes, irrespective what key size I am using.
我所缺少的(或者为什么我的期望是错误的)?
What I am missing (or why are my expectations wrong)?
推荐答案
我们可以将PBKDF编写为 DK = PBKDF2(PRF,Password,Salt,c,dkLen)
We can write PBKDF as DK = PBKDF2(PRF, Password, Salt, c, dkLen)
-
PRF
是伪随机函数,输出长度为hlen
-
dkLen
是派生密钥的所需位长 - 'c'是迭代次数
PRF
is pseudorandom function with output lengthhlen
dkLen
is the desired bit-length of the derived key- 'c' is the number of iterations
计算方式;
DK = T1 ‖ T2 ‖ ... ‖ T_{dklen/hlen}
其中 Ti = F(密码,盐,c,i)
,并且每个都有 hlen
大小.
Where Ti = F(Password, Salt, c, i)
and each has hlen
sizes.
F(Password, Salt, c, i) = U1 ⊕ U2 ⊕ ... ⊕ Uc
和
U1 = PRF(Password, Salt + INT_32_BE(i))
U2 = PRF(Password, U1)
...
Uc = PRF(Password, Uc-1)
dklen
最多为后端哈希(PRF)输出大小的2 ^ 32-1倍.
The dklen
can be at most 2^32 - 1 times the size of the output of the backend hash (PRF).
,只需对32位编码值的 i
进行盐修饰,PBKDF2就可以输出多个 hlen
输出.
as you can see, with little modification of the salt with 32-bit encoded value of i
, PBKDF2 can output multiple hlen
outputs.
这篇关于PBKDF2WithHmacSHA256密钥长度对输出长度的影响的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!