Password-based Key Derivation Function 2 (PBKDF2)

The PBKDF2 (Password-based Key Derivation Function 2) SHA-256 algorithm is used to derive Encryption Keys from the user’s Master Password. The Master Password is hashed locally on the user’s machine, using the user’s email address as a salt and a hashing technique, before being sent to Locker’s servers. When Locker’s servers receive the hashed Master Password, it is hashed once more with a cryptographically secure random salt (generated by the CSPRNG algorithm), along with a hashing technique, and then stored in Locker’s database. The default number of iterations used with the PBKDF2 algorithm is 100,001 iterations on the user’s machine, followed by an additional 216,000 iterations when stored on Locker’s servers (for a total of 316,001 iterations by default).

The PBKDF2 algorithm takes 5 input parameters:

key = PBKDF2(password, salt, iter\_count, hash\_func, key\_len)

Where:

password: the user’s master password.
salt: cryptographic salt; here Locker uses the user’s email as the initial salt.
iter_count: number of iterations.
hash_func: hash algorithm with output length $h_{len}$ .
key_len: desired length of the key.

The key K is divided into blocks of maximum length

h_{len}

. For each block

KH_i

Use the hash function iter_count times with the input being password and salt, where the first salt is the user’s email, and subsequent salt values are the output of the previous hash:

H_1 = hash\_func(password, email)

H_2 = hash\_func(password, H_1)

\vdots

H_(iter\_count) = hash\_func(password, H(iter\_count-1))

Perform an XOR operation with all outputs $Hi$ from step 1:

KH_i = H_1 \oplus H_2 \oplus \dots \oplus H(iter\_count)

Finally, all blocks $KHi$ concatenated together produce the key $K$ :

K = KH_1 \parallel KH_2 \parallel \dots \parallel KH(key\_len / h_{len})

Introduction

Security Fundamentals

Encryption and Decryption

Data Sharing

Password-based Key Derivation Function 2 (PBKDF2)