6.2.1. PBES2 Encryption Operation
6.2.1. PBES2 Encryption Operation
The encryption operation for PBES2 consists of the following steps, which encrypt a message M under a password P to produce a ciphertext C, applying a selected key derivation function KDF and a selected underlying encryption scheme:
-
Select a salt S and an iteration count c, as outlined in Section 4.
-
Select the length in octets, dkLen, for the derived key for the underlying encryption scheme.
-
Apply the selected key derivation function to the password P, the salt S, and the iteration count c to produce a derived key DK of length dkLen octets:
DK = KDF (P, S, c, dkLen) -
Encrypt the message M with the underlying encryption scheme under the derived key DK to produce a ciphertext C. (This step may involve selection of parameters such as an initialization vector and padding, depending on the underlying scheme.)
-
Output the ciphertext C.
The salt S, the iteration count c, the key length dkLen, and identifiers for the key derivation function and the underlying encryption scheme may be conveyed to the party performing decryption in an AlgorithmIdentifier value (see Appendix A.4).