W3C home > Mailing lists > Public > public-webcrypto@w3.org > March 2014

PBKDF2 questions

From: Mark Watson <watsonm@netflix.com>
Date: Wed, 5 Mar 2014 09:53:51 -0800
Message-ID: <CAEnTvdD6koOvha8=aF9wL1_1NcqGiMFPPycxYsydS3bY=CHPAg@mail.gmail.com>
To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
(1) I assume the correct reference is RFC2898
(2) Do we need to support PBKDF2 with pseudo-random functions other than
HMAC ? Presently the parameters dictionary allows us to specify the
pseudo-random function, prf, in contrast to HKDF where we are allowed only
to specify the hash function to be used with HMAC

Restricting to HMAC is much simpler to specify. If we allow arbitrary PRFs,
we need to define what properties they must have: support of sign operation
and import of arbitrary size raw key. These requirements restrict us to
HMAC anyway (from the existing algorithms).

Does anyone use PBKDF with a PRF other than HMAC ? What ?

Received on Wednesday, 5 March 2014 17:54:18 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:02:40 UTC