Paper 2019/161

Understanding Optimizations and Measuring Performances of PBKDF2

Andrea Francesco Iuorio and Andrea Visconti


Password-based Key Derivation Functions (KDFs) are used to generate secure keys of arbitrary length implemented in many security-related systems. The strength of these KDFs is the ability to provide countermeasures against brute-force/dictionary attacks. One of the most implemented KDF is PBKDF2. In order to slow attackers down, PBKDF2 uses a salt and introduces computational intensive operations based on an iterated pseudo-random function. Since passwords are widely used to protect personal data and to authenticate users to access specific resources, if an application uses a small iteration count value, the strength of PBKDF2 against attacks performed on low-cost commodity hardware may be reduced. In this paper we introduce the cryptographic algorithms involved in the key derivation process, describing the optimization techniques used to speed up PBKDF2-HMAC-SHA1 in a GPU/CPU context. Finally, a testing activities has been executed on consumer-grade hardware and experimental results are reported.

Available format(s)
Publication info
Published elsewhere. MINOR revision.Proceedings of the 2nd International Conference on Wireless, Intelligent and Distributed Environment for COMmunication (WIDECOM 2019), Springer International Publishing, Lecture Notes on Data Engineering and Communications Technologies, Vol. 27, 2019.
passwordsPBKDF2HMAC-SHA1optimizationsCPU-intensive operationsperformance testing
Contact author(s)
andrea visconti @ unimi it
2019-02-20: received
Short URL
Creative Commons Attribution


      author = {Andrea Francesco Iuorio and Andrea Visconti},
      title = {Understanding Optimizations and Measuring Performances of PBKDF2},
      howpublished = {Cryptology ePrint Archive, Paper 2019/161},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.