Solved

PBKDF2 implementation in CryptoAPI?

Posted on 2008-10-30
8
1,784 Views
Last Modified: 2009-01-07
Hello Folks,

MSDN routinely mentions employing PBKDF2 (Along with SHA1 and CBC, etc) for password-based key derivation routines (http://msdn.microsoft.com/en-us/library/ms995355.aspx). I am in need to derive a key using PBKDF2 full specs, incuding:

- Sha1
- some preset SALT value
- some preset iteration count
- a hybrid CBC/CFB approach: CBC mode to encrypt all whole blocks and CFB mode to encrypt any remaining bytes.

I'm having a hard time finding and using PBKDF2 functionality through CryptoAPI. The CryptDeriveKey has some functionality exposed (I understand that SALT can be set through the CryptSetKeyParam(), but where is the iteration count set through CryptoApi?

Assuming CryptoApi is perusing some sort of PBKDF2, is this function exposed through some other API?

Thanks in advance.
0
Comment
Question by:Xpressionist
  • 3
  • 3
8 Comments
 

Author Comment

by:Xpressionist
ID: 23047255
I have implemented this on my own, if there is any interest, i'd be happy to supply my own code.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 23116343
No offence but way over 'my' head lol
0
 

Author Comment

by:Xpressionist
ID: 23125519
No offense taken :) Problem took a while to dissect.. in the end, it's basic encryption..
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 23131544
As in it needed basic authentication to be allowed in addition to ntlm/instead of?
0
 

Author Comment

by:Xpressionist
ID: 23131596
The problem aroused since MSFT does not seem to have a PBKDF2 compliant function for password-derived keys. My client was using a (RFC2898 - PKCS #5) certified procedure to derive his keys, and I needed to mimic the same functionality by employing MSFT building blocks. In the end, the solution implemented RSA's white paper with some MSFT code...
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 23131636
Ah - OK. Thanks for the followup info.
0
 

Accepted Solution

by:
ee_auto earned 0 total points
ID: 23313051
Question PAQ'd, 500 points refunded, and stored in the solution database.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
In this article, I will show you HOW TO: Install VMware Tools for Windows on a VMware Windows virtual machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, using the VMware Host Client. The virtual machine has Windows Server 2016 instal…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question