Key Derivation using PBKDF2

When using PBKDF2 to generate a symmetric key from a password, good parameters are critical for security. Here are widely recommended settings:

Recommended PBKDF2 Parameters

Parameter Recommended Value
Password User-defined, strong passphrase (≥ 12 characters)
Salt At least 128 bits (16 bytes), cryptographically random
Hash Function SHA-256 or SHA-512 (avoid older ones like MD5, SHA-1)
Iterations At least 100,000 (preferably 310,000+ as of 2025)
Key Length Depends on the encryption algorithm:
- AES-128: 16 bytes
- AES-256: 32 bytes
Encoding Output the derived key in raw bytes, or Base64/hex if needed for display/storage

Best Practices

  • Salt must be unique per password to prevent rainbow table attacks.
  • Store salt alongside encrypted data, since it's not secret.
  • Use a high iteration count to slow down brute-force attempts (balance against performance).

Example in Pseudocode:

PBKDF2(
password = "correcthorsebatterystaple",
salt = RandomBytes(16),
iterations = 310000,
hash = SHA-256,
outputLength = 32  // for AES-256
)

PBKDF2 Examples using Chilkat:

Android™ Classic ASP AutoIt C Python C++ C# DataFlex Delphi Visual FoxPro Go Java Node.js Objective-C Perl PHP PowerBuilder PowerShell PureBasic Ruby Swift Tcl Visual Basic 6.0 VB.NET VBScript Xojo