none
Rfc2898DeriveBytes recommended salt size? RRS feed

  • Question

  • Hi,

    When using Rfc2898DeriveBytes constructor that accepts a salt, are there any recommended size? For example when using hashes, the recommended size is usually equal to the hash bit size. And I'm aware that the larger the better, but I don't want to use unnecessary large salts if there are some other recommendations?

    --
    Werner


    Monday, June 24, 2013 9:47 AM

All replies

  • Would it be wrong to assume that the only thing the salt is used for, is in the Rfc2898DeriveBytes internal HMACSHA1 hashing? In which case the recommended salt size would be (minimum) 20 bytes?

    --

    Werner

    Wednesday, June 26, 2013 9:48 AM
  • Hi Werner,

    Welcome to the MSDN Forum.

    >>I don't want to use unnecessary large salts if there are some other recommendations 

    Generally, you can use the same key size for the salt.

    Best regards,


    Mike Feng
    MSDN Community Support | Feedback to us
    Develop and promote your apps in Windows Store
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Wednesday, June 26, 2013 1:02 PM
    Moderator
  • Hi Werner,

    Welcome to the MSDN Forum.

    >>I don't want to use unnecessary large salts if there are some other recommendations 

    Generally, you can use the same key size for the salt.

    Best regards,


    Mike Feng
    MSDN Community Support | Feedback to us
    Develop and promote your apps in Windows Store
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Hi Mike,

    Do you mean salt.size = key.size? And what key are you talking about - the hash-key or the encryption key?

    --
    Werner

     

     

    Thursday, June 27, 2013 11:09 AM