# PBKDF2 > standard for a password-based key derivation function **Wikidata**: [Q3952834](https://www.wikidata.org/wiki/Q3952834) **Wikipedia**: [English](https://en.wikipedia.org/wiki/PBKDF2) **Source**: https://4ort.xyz/entity/pbkdf2 ## Summary PBKDF2 is a standard for a password-based key derivation function (KDF). It is designed to derive one or more secret cryptographic keys from a secret value, such as a user's password, making the key more secure and suitable for cryptographic applications. ## Key Facts - **Full Name**: Password-Based Key Derivation Function 2 - **Instance Of**: Key derivation function - **Developer**: RSA - **Publication Date**: 2000 - **Primary Specification**: RFC 2898 (PKCS #5: Password-Based Cryptography Specification Version 2.0) - **Updated Specification**: RFC 8018 (PKCS #5: Password-Based Cryptography Specification Version 2.1) - **Purpose**: To derive secret keys from a secret value like a password. ## FAQs ### Q: What does PBKDF2 stand for? A: PBKDF2 stands for Password-Based Key Derivation Function 2. It is the second such function specified in the Public-Key Cryptography Standards (PKCS #5). ### Q: What is a key derivation function? A: A key derivation function, or KDF, is a function that derives one or more secret keys from a secret value. In the case of PBKDF2, this secret value is typically a user's password. ### Q: Who created PBKDF2? A: PBKDF2 was developed by RSA, a company specializing in cryptography and computer security. It was first published as part of the PKCS #5 v2.0 standard in 2000. ## Why It Matters PBKDF2 plays a crucial role in modern computer security by strengthening password-based systems. Passwords chosen by humans are often not random or long enough to be used directly as cryptographic keys. PBKDF2 solves this problem by taking a password and processing it through a computationally intensive algorithm, which adds a "salt" (a random value) and repeats a hashing process thousands of times. This process makes it significantly more difficult and time-consuming for an attacker to guess passwords, even if they have access to a database of password hashes. By turning a potentially weak password into a strong cryptographic key, PBKDF2 helps protect sensitive data in a wide range of applications, from encrypted file systems to web application authentication. Its status as a formal standard has led to its widespread adoption and trust within the security community. ## Notable For - **Standardization**: PBKDF2 is formally defined in the IETF's RFC 2898 and RFC 8018, making it a widely recognized and implemented standard. - **Part of PKCS #5**: It is a key component of the Public-Key Cryptography Standards (PKCS), specifically PKCS #5, developed by RSA. - **Computational Cost**: The function is designed to be computationally intensive, which deliberately slows down the key derivation process to thwart brute-force and dictionary attacks on passwords. - **Wide Adoption**: As a long-standing and well-vetted standard, it has been used in countless security systems and protocols for password hashing and key generation. ## Body ### Function and Purpose PBKDF2 is an instance of a **key derivation function (KDF)**. Its specific purpose is to derive cryptographic keys from a password. The core principle of a KDF is to take a secret value and transform it into one or more secret keys suitable for use in other cryptographic algorithms. This is particularly important for passwords, which are often too short or predictable for direct use as keys. ### History and Development - **Developer**: PBKDF2 was developed by RSA. - **Publication**: The function was first published in the year 2000. ### Standardization PBKDF2 is formally described and standardized by the Internet Engineering Task Force (IETF) in the following documents: - **RFC 2898**: Titled "PKCS #5: Password-Based Cryptography Specification Version 2.0," this document first standardized the function. - **RFC 8018**: This document, "PKCS #5: Password-Based Cryptography Specification Version 2.1," is an update to the original standard. ### Classification and Related Entities - **Class**: PBKDF2 is classified as a `key derivation function`. - **Related Functions**: Other password-based key derivation functions exist, such as `yescrypt`.