RFC 2898 (rfc2898) - Page 1 of 34
PKCS #5: Password-Based Cryptography Specification Version 2
Alternative Format: Original Text Document
Network Working Group B. Kaliski
Request for Comments: 2898 RSA Laboratories
Category: Informational September 2000
PKCS #5: Password-Based Cryptography Specification
Version 2.0
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2000). All Rights Reserved.
Abstract
This memo represents a republication of PKCS #5 v2.0 from RSA
Laboratories' Public-Key Cryptography Standards (PKCS) series, and
change control is retained within the PKCS process. The body of this
document, except for the security considerations section, is taken
directly from that specification.
This document provides recommendations for the implementation of
password-based cryptography, covering key derivation functions,
encryption schemes, message-authentication schemes, and ASN.1 syntax
identifying the techniques.
The recommendations are intended for general application within
computer and communications systems, and as such include a fair
amount of flexibility. They are particularly intended for the
protection of sensitive information such as private keys, as in PKCS
#8 [25]. It is expected that application standards and implementation
profiles based on these specifications may include additional
constraints.
Other cryptographic techniques based on passwords, such as password-
based key entity authentication and key establishment protocols
[4][5][26] are outside the scope of this document. Guidelines for
the selection of passwords are also outside the scope.
Kaliski Informational