Importance of the key size in the Rfc2898DeriveBytes (PBKDF2) implementation

Problem description

This is the code I use to "hash" (or derive a key, as it is called in the PBKDF2 implementation of the PKCS standard) password strings with the Rfc2898DeriveBytes class provided in .NET:

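using System.Security.Cryptography;

int saltSize = 256;     // salt length in bytes; the class generates a random salt of this size
int iterations = 1000;  // PBKDF2 iteration count
int keySize = 20;  // The parameter I'm not sure of

// This constructor overload uses PBKDF2 with HMAC-SHA1
var deriveBytes = new Rfc2898DeriveBytes("mypassword", saltSize, iterations);
byte[] salt = deriveBytes.Salt;              // the generated salt, needed again to verify
byte[] key = deriveBytes.GetBytes(keySize);  // derived output, keySize bytes long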

Now, I understand that the salt size doesn't matter much (as long as it is enough to ensure that random salts will be unique), but what about the key size? Does a longer key provide more security against attacks?

(Notes:
1. Performance matters are not important for me here; it is obvious that a longer salt or a longer key will take more time for GetBytes to return a value.
2. I want to use this "hash" to store them in a database, not to use them afterwards in an encryption scheme)

Recommended answer

Generally you use PKCS#5 v2 / RFC2898 to create a symmetric key from a user password. The size is important because it must match the required size of the symmetric algorithm you'll be using.

aes.Key = deriveBytes.GetBytes (16); // 16 * 8 = 128 bits

However, you seem to be looking at keeping a hash of passwords, not for a key, so the size is not as important in your specific case. You can safely fix it to the hash size (20 bytes for SHA1) if you want a specific value.

General note (for people where performance matters): using PKCS#5 v2 (or older) will take a lot longer (iteration count) than using a salted hash or an HMAC.
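
An added example, not code from the question or the answer: storing and verifying a password with the output fixed to the 20-byte HMAC-SHA1 size, plus a check that the first 20 bytes of a longer derivation are identical, since PBKDF2 computes each output block independently and a longer output adds work without making the stored value harder to test. The class and method names and the 16-byte salt are assumptions of this example; it assumes a .NET version that provides the HashAlgorithmName constructor overload and CryptographicOperations.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

static class PasswordHashDemo   // hypothetical name, for illustration only
{
    const int SaltSize = 16;      // bytes; constructed value for this example
    const int Iterations = 1000;  // iteration count used in the question
    const int HashSize = 20;      // HMAC-SHA1 output size, as the answer suggests

    static byte[] Derive(string password, byte[] salt, int size)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations, HashAlgorithmName.SHA1))
            return kdf.GetBytes(size);
    }

    // Produces the salt and the derived value to store in the database.
    static (byte[] Salt, byte[] Hash) Create(string password)
    {
        var salt = new byte[SaltSize];
        using (var rng = RandomNumberGenerator.Create())
            rng.GetBytes(salt);
        return (salt, Derive(password, salt, HashSize));
    }

    // Re-derives with the stored salt and compares in constant time.
    static bool Verify(string password, byte[] salt, byte[] stored)
    {
        byte[] candidate = Derive(password, salt, stored.Length);
        return CryptographicOperations.FixedTimeEquals(candidate, stored);
    }

    static void Main()
    {
        var (salt, hash) = Create("mypassword");
        Console.WriteLine("correct password accepted: " + Verify("mypassword", salt, hash));
        Console.WriteLine("wrong password accepted:   " + Verify("wrongpassword", salt, hash));

        // A 40-byte output is two independent 20-byte blocks; the first block
        // is the same value the 20-byte derivation returns.
        byte[] longer = Derive("mypassword", salt, 2 * HashSize);
        Console.WriteLine("first block unchanged:     " + longer.Take(HashSize).SequenceEqual(hash));
    }
}
```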
