1 
 public static string GenerateHash(string password, string salt, int iterations) { var pbkdf2 = new Rfc2898DeriveBytes(password, Convert.FromBase64String(salt), iterations); var keyBytes = pbkdf2.GetBytes(32); return Convert.ToBase64String(keyBytes); }

I am getting a hashed password that is to be used in a zip archive, but I don't know if I'm actually retrieving the hash correctly.

Improve this question

1 Answer 1

Reset to default
2

Well, I think the answer to this question is: absolutely yes. There are a few missing parts that would be interesting to see in order to fully evaluate your approach... especially how you build the salt and how you validate your password.

This is how I would do it:

public static String HashPassword(String password) { Byte[] salt = new Byte[24]; RNGCryptoServiceProvider cryptoProvider = new RNGCryptoServiceProvider(); cryptoProvider.GetBytes(salt); Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(password, salt, 1000); return Convert.ToBase64String(pbkdf2.GetBytes(20)); // Size of PBKDF2-HMAC-SHA-1 Hash }
Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

The way I'm generating the salt is exactly as described there, just in a separate method. The reason being I want to store the salt as a comment in the zip archive. This way my program knows what to add to the user's password when they try to open it. I assume this is reasonably safe? I've heard that an exposed salt is not particularly dangerous
@user5113199 I can’t comment on the exact case here, but the point of salting in general is to prevent rainbow tables, not to make any password “more safe”. So from that view, it should be fine to have the salt be public. Just keep in mind that unlocking a zip file is an offline process where bruteforcing can happen at full power, so knowing the salt will reduce the amount of complexity for attackers.
@user5113199 Salt’s are meant to be public - a common approach to store them is to prepend them to the ciphertext. So knowing the salt does not reduce the security.
@poke Having a salt has no effect on bruteforcing as it doesn’t affect the security of the the cipher algorithm and knowing the salt does not reduce the complexity. It’s like you said only for preventing rainbow table attacks by disallowing a mapping from ciphertext to known plaintext and thus inferring the password - so that an attacker is forced to fall back on pure bruteforcing.
@ckuri I just meant that not having the salt would mean that the attacker would have to brute force both the salt and the password.
|

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.