This API uses the PBKDF2 specification with HMACSHA512 as the underlying pseudo random function (PRF) to perform the salted hashing over a specified number of instances to eliminate the feasibility of rainbow table attacks & drive up the computing cost of generating said tables, this is known as key stretching.

This API also provides the capability to create BIG crypto random salt strings, because the BIGGER & more RANDOM your salt, the better! (anti-rainbow tables)

I was going to use Microsofts Rfc2898DeriveBytes(cb) implementation but after learning that it is using HMACSHA1 as the underlying PRF, I decided to modernise this & implement PBKDF2 with HMACSHA512 instead (Stronger against GPUs)

Get binaries here but for source code please use the PWDTK.NET repo on GitHub which you can clone from here: https://github.com/Thashiznets/PWDTK.NET.git

Please consider donating (5th button above) if you find PWDTK.NET useful!

Package AVAILABLE on NuGet!!!

Thanks - Ian

Features

  • Crypto Randomly Generate Salt
  • Password Policy Integration
  • PBKDF2 implementation using HMACSHA512 as the underlying PRF
  • Control resource usage vs key stretching by supplying iteration count as per PBKDF2 spec
  • Code open source and available for peer review by security experts\cryptographers
  • Uses UTF-8 encoding to support non English characters, better than implementations using ASCII
  • Created using instructions for PBKDF2 standard here: http://www.ietf.org/rfc/rfc2898.txt
  • Ability to call Rfc2898.PBKDF2(P,S,c,dkLen) to derive encryption keys of your specific size
  • Source code includes sample GUI with common usage implemented

Project Samples

PWDTK.NET Screenshot 1

Project Activity

See All Activity >

License

Public Domain

Follow PWDTK.NET

PWDTK.NET Web Site

You Might Also Like
Relax: PRTG Monitors Your IT for You Icon
Relax: PRTG Monitors Your IT for You

Stay in control and avoid IT headaches. PRTG monitors your network, devices, and apps - receive alerts when it matters most.

You’re the go-to IT person, always putting out fires and keeping things running. With PRTG, you get reliable alerts to monitor your entire IT infrastructure, without the noise. Our intuitive setup gives you a clear overview of your network, devices, and applications in real time. Get instant alerts only when something needs your attention, whether you’re at your desk or on the move. Spend less time worrying about outages and more time focusing on what matters. Set up PRTG once and let it work for you - PRTG has you covered.
Start Your Free PRTG Trial Now
Rate This Project
Login To Rate This Project

User Ratings

5.0 out of 5 stars
★★★★★
★★★★
★★★
★★
2
0
0
0
0
ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5
features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5
design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5
support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5

User Reviews

Filter Reviews:
All
  • qube-it Posted 2013-07-27
    Great library to help insure a quality implementation of encrypting passwords.
  • ghanashyaml Posted 2013-07-10
    It's an easy to use and stable, reliable implementation. We are using this in a production environment with no problems till now.
    1 user found this review helpful.
Read more reviews >

Additional Project Details

Intended Audience

Auditors, Developers, Information Technology, Science/Research, Security, Security Professionals

User Interface

.NET/Mono

Programming Language

C#

Registered

2012-08-31
Report inappropriate content