Solved

PBKDF2 implementation in CryptoAPI?

Posted on 2008-10-30
8
1,816 Views
Last Modified: 2009-01-07
Hello Folks,

MSDN routinely mentions employing PBKDF2 (Along with SHA1 and CBC, etc) for password-based key derivation routines (http://msdn.microsoft.com/en-us/library/ms995355.aspx). I am in need to derive a key using PBKDF2 full specs, incuding:

- Sha1
- some preset SALT value
- some preset iteration count
- a hybrid CBC/CFB approach: CBC mode to encrypt all whole blocks and CFB mode to encrypt any remaining bytes.

I'm having a hard time finding and using PBKDF2 functionality through CryptoAPI. The CryptDeriveKey has some functionality exposed (I understand that SALT can be set through the CryptSetKeyParam(), but where is the iteration count set through CryptoApi?

Assuming CryptoApi is perusing some sort of PBKDF2, is this function exposed through some other API?

Thanks in advance.
0
Comment
Question by:Xpressionist
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
8 Comments
 

Author Comment

by:Xpressionist
ID: 23047255
I have implemented this on my own, if there is any interest, i'd be happy to supply my own code.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 23116343
No offence but way over 'my' head lol
0
 

Author Comment

by:Xpressionist
ID: 23125519
No offense taken :) Problem took a while to dissect.. in the end, it's basic encryption..
0
Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 23131544
As in it needed basic authentication to be allowed in addition to ntlm/instead of?
0
 

Author Comment

by:Xpressionist
ID: 23131596
The problem aroused since MSFT does not seem to have a PBKDF2 compliant function for password-derived keys. My client was using a (RFC2898 - PKCS #5) certified procedure to derive his keys, and I needed to mimic the same functionality by employing MSFT building blocks. In the end, the solution implemented RSA's white paper with some MSFT code...
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 23131636
Ah - OK. Thanks for the followup info.
0
 

Accepted Solution

by:
ee_auto earned 0 total points
ID: 23313051
Question PAQ'd, 500 points refunded, and stored in the solution database.
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article helps those who get the 0xc004d307 error when trying to rearm (reset the license) Office 2013 in a Virtual Desktop Infrastructure (VDI) and/or those trying to prep the master image for Microsoft Key Management (KMS) activation. (i.e.- C…
When asking a question in a forum or creating documentation, screenshots are vital tools that can convey a lot more information and save you and your reader a lot of time
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question