List of PBKDF2 implementations

List of software that implements or uses the PBKDF2 key derivation standard.

Implementations

  • wolfSSL
  • Libgcrypt
  • Bash implementation
  • Crypto-JS Javascript implementation
  • openssl's C implementation
  • OpenBSD's C implementation
  • PolarSSL's C implementation
  • CyaSSL's C implementation
  • ActionScript 3.0 implementation
  • .NET Framework's implementation
  • Delphi/Free Pascal implementation
  • Erlang implementation
  • Go implementation
  • PBKDF2 for Haxe
  • JavaScript implementations slow, less slow, fast, benchmark
  • Java implementation (PBKDF2WithHmacSHA256)
  • Python implementation
  • Python standard library
  • Perl implementation (large), (small), (tiny), Native Perl Implementation – no dependency hell
  • Ruby's standard library
  • Ruby implementation
  • Rust implementation
  • REBOL2 implementation
  • PHP implementations: native (added in v5.5.0), pure PHP implementation
  • Scala implementation
  • Common Lisp implementation (Ironclad)
  • Web Cryptography API

Systems that use PBKDF2

  • GNU GRUB to protect the bootloader password[1]
  • Wi-Fi Protected Access (WPA and WPA2) used to secure Wi-Fi wireless networks
  • Microsoft Windows Data Protection API (DPAPI)[2]
  • OpenDocument encryption used in OpenOffice.org
  • WinZip's AES Encryption scheme.[3][4]
  • Keeper for password hashing.[5]
  • LastPass for password hashing.[6][7]
  • 1Password for password hashing.[8]
  • Enpass for password hashing.[9]
  • Dashlane for password hashing.[10][11]
  • Bitwarden for password hashing.[12]
  • Standard Notes for password hashing.[13]
  • Apple's iOS mobile operating system, for protecting user passcodes and passwords.[14]
  • Mac OS X Mountain Lion for user passwords[citation needed]
  • The Django web framework, as of release 1.4.[15]
  • The Odoo ERP platform [16]
  • The MODX content management framework, as of version 2.0.
  • The encryption and decryption schema of Zend Framework, to generate encryption and authentication keys.[17]
  • Cisco IOS and IOS XE Type 4 password hashes[18]
  • Firefox Sync for client-side password stretching[19]

Disk encryption software

  • Filesystem encryption in the Android operating system, as of version 3.0.[20]
  • FileVault (Mac OS X) from Apple Computer[21]
  • FreeOTFE (Windows and Pocket PC PDAs); also supports mounting Linux (e.g. LUKS) volumes under Windows
  • LUKS (Linux Unified Key Setup) (Linux)
  • TrueCrypt (Windows, Linux, and Mac OS X)[22]
  • VeraCrypt (Windows, Linux, FreeBSD, and Mac OS X)[23]
  • CipherShed (Windows, Linux, and Mac OS X)[24]
  • DiskCryptor (Windows)
  • Cryptographic disk (NetBSD)
  • GEOM ELI module for FreeBSD
  • softraid crypto for OpenBSD
  • EncFS (Linux, FreeBSD and Mac OS X) since v1.5.0
  • GRUB2 (boot loader)
  • Booster (Secure initramfs for Linux)
  • SafeGuard Enterprise (Windows and Mac OSX)
  • Boxcryptor Encryption Software based in EFS

References

  1. ^ "Authentication and authorisation in GRUB".
  2. ^ "Windows Data Protection". NAI Labs, Network Associates, Inc.; Microsoft Corporation. October 2001. Archived from the original on 2007-04-16.
  3. ^ "AES Coding Tips for Developers". WinZip. 2008-07-21. Retrieved 2013-09-07.
  4. ^ "BRG Main SIte". Winzip.com. Retrieved 2013-09-07.
  5. ^ Black, Crystal (2015-03-10). "Keeper: A Fresh Look At Password Management And Data Security". Techaeris. Retrieved 2015-04-16.
  6. ^ "Security". LastPass: How We Do It. LastPass. Retrieved 2013-06-13.
  7. ^ "LastPass Security Notification". LastPass. 2011-05-04. Archived from the original on 2012-05-07. Retrieved 2013-06-13.
  8. ^ "Defending against crackers, PBKDF2". Agilebits, Inc. 2014. Retrieved 2014-11-14.
  9. ^ "Enpass Security Whitepaper, PBKDF2". Sinew Software Systems Pvt Ltd. 2018. Retrieved 2018-12-05.
  10. ^ "Our security model in a nutshell". Dashlane, Inc. 2014. Retrieved 2014-03-09.
  11. ^ "Protection of User Data in Dashlane" (PDF). Dashlane Security Whitepaper. Dashlane, Inc. November 2011. Retrieved 2014-03-09.
  12. ^ "What encryption is being used? | Bitwarden Help & Support". help.bitwarden.com. Retrieved 2019-09-21.
  13. ^ "How does Standard Notes secure my notes?". standardnotes.com. Retrieved 2020-01-07.
  14. ^ iOS security Archived 2012-10-21 at the Wayback Machine, May 2012, Apple inc.
  15. ^ "How Django stores passwords". Django 1.4 documentation. 2012-03-23. Retrieved 31 July 2012.
  16. ^ Odoo Security
  17. ^ Encrypt/decrypt using block ciphers, Programmer’s Reference Guide of Zend Framework 2.
  18. ^ Worldwide. "Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue". Tools.cisco.com. Retrieved 2013-09-07.
  19. ^ Dan Callahan (2014-04-30). "Firefox Sync's New Security Model". Mozilla Cloud Services. Mozilla. Retrieved 2015-07-16.
  20. ^ Notes on the implementation of encryption in Android 3.0 Archived 2013-05-22 at the Wayback Machine, September 2012, Android Open Source Project.
  21. ^ https://events.ccc.de/congress/2006/Fahrplan/attachments/1244-23C3VileFault.pdf [bare URL PDF]
  22. ^ "Header Key Derivation, Salt, and Iteration Count". TrueCrypt User’s Guide. TrueCrypt Foundation. 2012-02-07. Retrieved 2013-06-08.
  23. ^ "Header Key Derivation, Salt, and Iteration Count". VeraCrypt Documentation. IDRIX. Retrieved 2017-10-16.
  24. ^ "CipherShed User's Guide, Technical Details" (PDF). CipherShed User’s Guide. CipherShed Project. 2014-12-19. Retrieved 2014-12-27.