The PBKDF2 (Password-based Key Derivation Function 2) SHA-256 algorithm is for generating Encryption Keys from a user’s Master Password. Before being sent to the Locker servers, the Master Password is encrypted with a random value created by using the user’s email address and the hashing technique, locally on the user’s device. When the Locker servers receive the encrypted Master Password, the password is encrypted again with a secure random value (generated by the Cryptographically Secure Pseudorandom Number Generator) and the hashing technique, and is subsequently stored in the Locker database.

The default number of iterations with the PBKDF2 algorithm is 100,001 on the user’s device, and then an additional 216,000 on the Locker’s servers (for a total of 316,001 iterations by default).

The PBKDF2 algorithm has 5 input parameters:

$key = PBKDF2(password, salt, iter\_count, hash\_func, key\_len)$

In which:

• $password$ : the user’s Master Password.

• $salt$ : cryptographic salt. Locker uses the user’s email as the first salt.

• $iter\_count$ : number of iterations.

• $hash\_func$ : hash function with output of length $h\_len$.

• $key\_len$ : length of output key.

Key $K$ is divided into blocks of maximum length $h\_len$. For each block ${KH}_i$,

1. Use the hash function with $iter\_count$ iterations with $password$ and $salt$ as inputs. The first $salt$ is the user’s email and the next $salt$s are the outputs of the previous hashing:

$H_1=hash\_func(password, email)$

$H_2=hash\_func(password, H_1)$

$...$

$H_{iter\_count}=hash\_func(password, H_{iter\_count-1})$

2. Perform $XOR$ operation with all the outputs $H_i$ from step 1:

${KH}_i = H_1 ⊕H_2⊕...⊕H_{iter\_count}$.

3. Concatenate all the ${KH}_i$ blocks into key $K$:

$K = {KH}_1||{KH}_2||...||{KH}_{key\_len/h\_len}$