Test vectors for PKCS #5 PBKDF2
draft-josefsson-pbkdf2-test-vectors-01
Abstract
This document contains test vectors for PKCS #5
PBKDF2.
Status of this Memo
This Internet-Draft is submitted in full
conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current
Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any time.
It is inappropriate to use Internet-Drafts as reference material or to cite
them other than as “work in progress.”
This Internet-Draft will expire on February 5, 2011.
Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1.
Introduction
2.
PBKDF2 test vectors for HMAC-SHA1
3.
Acknowledgements
4.
Copying conditions
5.
References
5.1.
Normative References
5.2.
Informative References
§
Author's Address
1.
Introduction
The PKCS #5 [RFC2898] (Kaliski, B., “PKCS #5: Password-Based Cryptography Specification Version 2.0,” September 2000.) Password Based Key
Derivation Function 2 (PBKDF2) is used by several
protocols to derive encryption keys from a password.
Test vectors for the algorithm were not included in the
original specification, but are often useful for
implementers.
2.
PBKDF2 test vectors for HMAC-SHA1
The SCRAM (Newman, C., Menon-Sen, A., Melnikov, A., and N. Williams, “Salted Challenge Response (SCRAM) SASL and GSS-API Mechanism,” February 2010.) [I‑D.ietf‑sasl‑scram]
protocol uses PBKDF2 with
HMAC (Krawczyk, H., Bellare, M., and R. Canetti, “HMAC: Keyed-Hashing for Message Authentication,” February 1997.) [RFC2104]
and SHA-1 (National Institute of Standards and Technology, “Secure Hash Standard,” April 1995.) [FIPS.180‑1.1995].
Input:
P = "password" (8 octets)
S = "salt" (4 octets)
c = 1
dkLen = 20
Output:
DK = 0c 60 c8 0f 96 1f 0e 71 f3 a9 b5 24 af 60 12 06 2f e0 37 a6
Input:
P = "password" (8 octets)
S = "salt" (4 octets)
c = 2
dkLen = 20
Output:
DK = ea 6c 01 4d c7 2d 6f 8c cd 1e d9 2a ce 1d 41 f0 d8 de 89 57
Input:
P = "password" (8 octets)
S = "salt" (4 octets)
c = 4096
dkLen = 20
Output:
DK = 4b 00 79 01 b7 65 48 9a be ad 49 d9 26 f7 21 d0 65 a4 29 c1
Input:
P = "password" (8 octets)
S = "salt" (4 octets)
c = 16777216
dkLen = 20
Output:
DK = ee fe 3d 61 cd 4d a4 e4 e9 94 5b 3d 6b a2 15 8c 26 34 e9 84
3.
Acknowledgements
Barry Brachman and Love Hörnquist Åstrand confirmed the
test vectors and pointed out a mistake in the salt octet
length count.
4.
Copying conditions
This document should be considered a Code Component, and
is thus effectively available under the BSD license.
5.
References
5.1. Normative References
5.2. Informative References
| [RFC2104] |
Krawczyk, H., Bellare, M., and R. Canetti, “HMAC: Keyed-Hashing for Message Authentication,” RFC 2104, February 1997 (TXT). |
| [FIPS.180-1.1995] |
National Institute of Standards and Technology, “Secure Hash Standard,” FIPS PUB 180-1, April 1995. |
| [I-D.ietf-sasl-scram] |
Newman, C., Menon-Sen, A., Melnikov, A., and N. Williams, “Salted Challenge Response (SCRAM) SASL and GSS-API Mechanism,” draft-ietf-sasl-scram-11 (work in progress), February 2010 (TXT). |
Author's Address