NAME
bcrypt_pbkdf
—
bcrypt password-based key derivation
function
SYNOPSIS
#include
<util.h>
int
bcrypt_pbkdf
(const
char *pass, size_t
pass_len, const uint8_t
*salt, size_t
salt_len, uint8_t
*key, size_t
key_len, unsigned int
rounds);
DESCRIPTION
Thebcrypt_pbkdf
function converts a password into a
byte array suitable for use as an encryption key. The password and salt values
are combined and repeatedly hashed rounds times. The
salt value should be randomly generated beforehand. The repeated hashing is
designed to thwart discovery of the key via password guessing attacks. The
higher the number of rounds, the slower each attempt will be.
RETURN VALUES
The bcrypt_pbkdf
() function returns 0 to
indicate success and -1 for failure.
SEE ALSO
STANDARDS
Niels Provos and David Mazieres, A Future-Adaptable Password Scheme, June 1999.
B. Kaliski, PKCS #5: Password-Based Cryptography Specification Version 2.0, RFC 2898, September 2000.
CAVEATS
This implementation deviates slightly from the PBKDF2 standard by mixing output key bits nonlinearly. By mixing the output bytes together, an attacker is required to perform all of the work without taking any shortcuts.