RFC 2898 on Password-Based Cryptography
RFC Editor <rfc-ed@ISI.EDU> Thu, 21 September 2000 17:32 UTC
Received: from loki.ietf.org (loki [10.27.2.29]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA10636; Thu, 21 Sep 2000 13:32:58 -0400 (EDT)
Received: (from adm@localhost) by loki.ietf.org (8.9.1b+Sun/8.9.1) id NAA16251 for ietf-123-outbound.10@ietf.org; Thu, 21 Sep 2000 13:25:01 -0400 (EDT)
Received: from ietf.org (odin.ietf.org [10.27.2.28]) by loki.ietf.org (8.9.1b+Sun/8.9.1) with ESMTP id NAA16206 for <all-ietf@loki.ietf.org>; Thu, 21 Sep 2000 13:17:48 -0400 (EDT)
Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by ietf.org (8.9.1a/8.9.1a) with SMTP id NAA10266 for <all-ietf@ietf.org>; Thu, 21 Sep 2000 13:17:47 -0400 (EDT)
Received: from ISI.EDU (jet.isi.edu [128.9.160.87]) by boreas.isi.edu (8.9.3/8.9.3) with ESMTP id KAA16919; Thu, 21 Sep 2000 10:17:44 -0700 (PDT)
Message-Id: <200009211717.KAA16919@boreas.isi.edu>
To: IETF-Announce:;
Subject: RFC 2898 on Password-Based Cryptography
Cc: rfc-ed@ISI.EDU
Mime-Version: 1.0
Content-Type: Multipart/Mixed; Boundary="NextPart"
Date: Thu, 21 Sep 2000 10:17:44 -0700
From: RFC Editor <rfc-ed@ISI.EDU>
A new Request for Comments is now available in online RFC libraries.
RFC 2898
Title: PKCS #5: Password-Based Cryptography Specification
Version 2.0
Author(s): B. Kaliski
Status: Informational
Date: September 2000
Mailbox: bkaliski@rsasecurity.com
Pages: 34
Characters: 68692
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-kaliski-pkcs5-v2-04.txt
URL: ftp://ftp.isi.edu/in-notes/rfc2898.txt
This memo represents a republication of PKCS #5 v2.0 from RSA
Laboratories' Public-Key Cryptography Standards (PKCS) series, and
change control is retained within the PKCS process. The body of this
document, except for the security considerations section, is taken
directly from that specification.
This document provides recommendations for the implementation of
password-based cryptography, covering key derivation functions,
encryption schemes, message-authentication schemes, and ASN.1 syntax
identifying the techniques.
The recommendations are intended for general application within
computer and communications systems, and as such include a fair
amount of flexibility. They are particularly intended for the
protection of sensitive information such as private keys, as in PKCS
#8 [25]. It is expected that application standards and implementation
profiles based on these specifications may include additional
constraints.
Other cryptographic techniques based on passwords, such as
password-based key entity authentication and key establishment
protocols [4][5][26] are outside the scope of this document.
Guidelines for the selection of passwords are also outside the scope.
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution list
should be sent to IETF-REQUEST@IETF.ORG. Requests to be
added to or deleted from the RFC-DIST distribution list should
be sent to RFC-DIST-REQUEST@RFC-EDITOR.ORG.
Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
an EMAIL message to rfc-info@RFC-EDITOR.ORG with the message body
help: ways_to_get_rfcs. For example:
To: rfc-info@RFC-EDITOR.ORG
Subject: getting rfcs
help: ways_to_get_rfcs
Requests for special distribution should be addressed to either the
author of the RFC in question, or to RFC-Manager@RFC-EDITOR.ORG. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.echo
Submissions for Requests for Comments should be sent to
RFC-EDITOR@RFC-EDITOR.ORG. Please consult RFC 2223, Instructions to RFC
Authors, for further information.
Joyce K. Reynolds and Sandy Ginoza
USC/Information Sciences Institute
...
Below is the data which will enable a MIME compliant Mail Reader
implementation to automatically retrieve the ASCII version
of the RFCs.
- RFC 2898 on Password-Based Cryptography RFC Editor