System.Security.Cryptography.Rfc2898DeriveBytes Class

Implements password-based key derivation functionality, PBKDF2, by using a pseudo-random number generator based on System.Security.Cryptography.HMACSHA1.

See Also: Rfc2898DeriveBytes Members

Syntax

[System.Runtime.InteropServices.ComVisible(true)]
public class Rfc2898DeriveBytes : DeriveBytes

Remarks

System.Security.Cryptography.Rfc2898DeriveBytes takes a password, a salt, and an iteration count, and then generates keys through calls to the Rfc2898DeriveBytes.GetBytes(int) method.

RFC 2898 includes methods for creating a key and initialization vector (IV) from a password and salt. You can use PBKDF2, a password-based key derivation function, to derive keys using a pseudo-random function that allows keys of virtually unlimited length to be generated. The System.Security.Cryptography.Rfc2898DeriveBytes class can be used to produce a derived key from a base key and other parameters. In a password-based key derivation function, the base key is a password and the other parameters are a salt value and an iteration count.

For more information about PBKDF2, see RFC 2898, "PKCS #5: Password-Based Cryptography Specification Version 2.0," available on the tp://go.microsoft.com/fwlink/?LinkID=37119. See section 5.2, "PBKDF2," for complete details.

Note:

Never hard-code a password within your source code. Hard-coded passwords can be retrieved from an assembly by using the MSIL Disassembler (Ildasm.exe), by using a hexadecimal editor, or by simply opening up the assembly in a text editor such as Notepad.exe.

Requirements

Namespace: System.Security.Cryptography
Assembly: mscorlib (in mscorlib.dll)
Assembly Versions: 2.0.0.0, 4.0.0.0
Since: .NET 2.0