Password-Based Key Derivation Function 2 (PBKDF2)

(e.g random-string or email address)

(A-Z a-z 0-9 ~ ! @ # $ % ^ & * - = + , . ' _ [space])

Result: using SJCL (hard-coded to sha256):


NOTE: this demo uses SHA-256 as this a superior hash to the standard SHA-1 algorithm used in most (default) implementations of PBKDF2. Thus, results here will not match out of the box results from other demos.

The functionality described makes use of PBES2 and PBKDF2 as defined in RFC 2898 (PKCS#5 v2.0).

PBKDF2 (Password-Based Key Derivation Function) is a key derivation function that is part of RSA Laboratories' Public-Key Cryptography Standards (PKCS) series, specifically PKCS #5 v2.0, also published as Internet Engineering Task Force's RFC 2898. It replaces an earlier standard, PBKDF1, which could only produce derived keys up to 160 bits long.


for documentation for the Javascript implementation.

Sample Code

// The SJCL Key Length parameter is in BITS, where the "keysize" input is in bytes.
var input = 'Testing 123',
    salt = 'de052f55e045f5d5d6038a44ddb1c6fb27e71960ccb7f9827457955dec96d7d1',
    keyLength = 32 * 8,
    iterations = 1000;
var saltBits = sjcl.codec.hex.toBits(salt.toHex());
var output = sjcl.codec.hex.fromBits(sjcl.misc.pbkdf2(input, saltBits, iterations, keyLength));

// output: c2e770ad377b0632afaa4c68c3e5234298f01a5e733d6902a92e9be56b8cc937