Paper 2019/161
Understanding Optimizations and Measuring Performances of PBKDF2
Andrea Francesco Iuorio and Andrea Visconti
Abstract
Password-based Key Derivation Functions (KDFs) are used to generate secure keys of arbitrary length implemented in many security-related systems. The strength of these KDFs is the ability to provide countermeasures against brute-force/dictionary attacks. One of the most implemented KDF is PBKDF2. In order to slow attackers down, PBKDF2 uses a salt and introduces computational intensive operations based on an iterated pseudo-random function. Since passwords are widely used to protect personal data and to authenticate users to access specific resources, if an application uses a small iteration count value, the strength of PBKDF2 against attacks performed on low-cost commodity hardware may be reduced. In this paper we introduce the cryptographic algorithms involved in the key derivation process, describing the optimization techniques used to speed up PBKDF2-HMAC-SHA1 in a GPU/CPU context. Finally, a testing activities has been executed on consumer-grade hardware and experimental results are reported.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- Published elsewhere. Minor revision. Proceedings of the 2nd International Conference on Wireless, Intelligent and Distributed Environment for COMmunication (WIDECOM 2019), Springer International Publishing, Lecture Notes on Data Engineering and Communications Technologies, Vol. 27, 2019.
- Keywords
- passwordsPBKDF2HMAC-SHA1optimizationsCPU-intensive operationsperformance testing
- Contact author(s)
- andrea visconti @ unimi it
- History
- 2019-02-20: received
- Short URL
- https://ia.cr/2019/161
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2019/161,
author = {Andrea Francesco Iuorio and Andrea Visconti},
title = {Understanding Optimizations and Measuring Performances of {PBKDF2}},
howpublished = {Cryptology {ePrint} Archive, Paper 2019/161},
year = {2019},
url = {https://eprint.iacr.org/2019/161}
}
