RFC2898DeriveBytes如何生成AES密钥? [英] How does RFC2898DeriveBytes generate an AES key?

问题描述

我看到了一些类似的代码

I saw some code like

string password = "11111111";
byte[] salt = Encoding.ASCII.GetBytes("22222222");
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(password, salt);
RijndaelAlg.Key = key.GetBytes(RijndaelAlg.KeySize / 8);

我可以看到密钥是由Rfc2898DeriveBytes生成的，带有密码短语和盐.然后AES通过GetBytes检索密钥.

I can see the key is generated by Rfc2898DeriveBytes with passphrase and salt. Then AES retrieves the key by GetBytes.

但是问题是，RFC2898DeriveBytes是做什么的，key.GetBytes(cb)是做什么的?有人可以详细说明吗?我无法从文档中得到它.

But the question is, what does RFC2898DeriveBytes do and what key.GetBytes(cb) do? Could anyone elaborate this? I couldn't get it from the documentation.

推荐答案

RFC2898指的是2000年9月发布的基于密码的密码规范.有效地， Rfc2898DeriveBytes 使用密码和盐来生成密钥.它使用的方法称为PBKDF2(基于密码的密钥派生功能#2)，并在RFC2898的5.2节中定义.从5.2节开始:

RFC2898 refers to a password-based cryptography specification published in September 2000. Effectively, Rfc2898DeriveBytes takes a password and salt to generate keys. The method it uses is known as PBKDF2 (Password Based Key Derivation Function #2) and is defined in section 5.2 of RFC2898. From section 5.2:

PBKDF2应用伪随机函数(有关示例，请参见附录B.1)来导出密钥.派生密钥的长度基本上是不受限制的.(但是，派生密钥的最大有效搜索空间可能受基础伪随机函数的结构限制.有关更多讨论，请参见附录B.1.)推荐将PBKDF2用于新应用.

PBKDF2 applies a pseudorandom function (see Appendix B.1 for an example) to derive keys. The length of the derived key is essentially unbounded. (However, the maximum effective search space for the derived key may be limited by the structure of the underlying pseudorandom function. See Appendix B.1 for further discussion.) PBKDF2 is recommended for new applications.

有关更多详细信息，请参见 RFC2898 .

For further details, see RFC2898.

关于 Rfc2898DeriveBytes.GetBytes 的作用，它在每次调用时都返回一个不同的密钥.它实际上只是重复使用相同的密码和密码但又有迭代次数的PBKDF2.

As for what Rfc2898DeriveBytes.GetBytes does, it returns a different key on each invocation; it effectively just applies PBKDF2 repeatedly with the same password and salt but also an iteration count.

这在RFC文档中概述，其中PBKDF2定义为

This is outlined in RFC doc where PBKDF2 is defined as

PBKDF2 (P, S, c, dkLen)

其中 P 是密码， S 是盐， c 是迭代计数，而 dkLen 是所需密钥的长度.

where P is the password, S is the salt, c is the iteration count and dkLen is the length of the desired key.

RFC 通常非常有趣，并且在历史上非常重要. RFC 1149 非常重要，

The RFCs are in general very interesting and historically quite important. RFC 1149 is quite important, as is RFC 2324.

这篇关于RFC2898DeriveBytes如何生成AES密钥?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！