stackoom
  简体   繁体   中英

RNGCryptoServiceProvider and Rfc2898DeriveBytes

 原文  2011-05-28 12:24:07       c#/ encryption

Question

Does it make sense to run a encryption key (2048 bit) generated with the RNGCryptoServiceProvider through Rfc2898DeriveBytes.GetBytes() or is Rfc2898DeriveBytes more geared toward generating encryption keys from shorter keys like passphrases?

2 answers

solution1
 4  2011-05-28 12:32:44

Rfc2898DeriveBytes.GetBytes() is mainly used for getting a key of the right size with your encryption chipper size. If you're sure that your key is secure this is not needed (and of course if the key sizes match). If it's a user input (ie a passkey), than definitely use Rfc2898DeriveBytes class to derive a proper key (or use hashing with salt).

solution2
 3 ACCPTED  2011-05-28 12:30:14

If you already have something suitable for a key, which it appears you have, why would you use it to generate another key? Personally I don't see any benefit putting it through derived bytes as you already have a cryptographically secure random number.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Rfc2898DeriveBytes and TripleDes RFC2898DeriveBytes not decrypting Rfc2898DeriveBytes - password length Rfc2898DeriveBytes returns encrypted key? Understanding how Rfc2898DeriveBytes works Translate Rfc2898DeriveBytes in ruby Rfc2898DeriveBytes equivalent in node js What is the default value of the iterationCount property of Rfc2898DeriveBytes class Rfc2898DeriveBytes in java for this .Net code password encryption Rfc2898DeriveBytes for .NET and Java generate different values
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM