Question

I read this tutorial about encryption in .NET.

It uses Rfc2898DeriveBytes to create a random key to be used by a symmetric algorithm, but it doesn't save the key. Later, in the decryption method, it supplies the same password and salt and decrypts the text.

Does it mean that supplying the same salt and password to Rfc2898DeriveBytes derives the same key? No need to save the key, just save the salt and password?


Solution

Yes, that is correct. Identical inputs to Rfc2898DeriveBytes provide identical outputs. Otherwise, decryption would not be possible.

The article you reference uses the term "random" loosely. The output of Rfc2898DeriveBytes is not random, but it has high entropy.
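The following is an added example, not part of the original answer or the tutorial it discusses. It re-derives the AES key from the password and a salt stored next to the ciphertext instead of saving the key. The class and method names, the iteration count, the SHA-256 choice, the sample password and the `salt || IV || ciphertext` layout are assumptions of this example, and it assumes a current .NET SDK (C# 8 or later).

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class DeriveDemo
{
    const int Iterations = 100_000; // constructed value; must be identical when encrypting and decrypting

    static byte[] DeriveKey(string password, byte[] salt)
    {
        using var kdf = new Rfc2898DeriveBytes(password, salt, Iterations, HashAlgorithmName.SHA256);
        return kdf.GetBytes(32); // 256-bit AES key; PBKDF2 is deterministic in all of its inputs
    }

    // Blob layout (assumption of this example): salt(16) || IV(16) || ciphertext
    static byte[] Encrypt(string password, string plaintext)
    {
        byte[] salt = new byte[16];
        RandomNumberGenerator.Fill(salt);       // the salt is random, the key derived from it is not
        using var aes = Aes.Create();           // CBC with PKCS7 padding and a fresh random IV by default
        aes.Key = DeriveKey(password, salt);
        using var enc = aes.CreateEncryptor();
        byte[] pt = Encoding.UTF8.GetBytes(plaintext);
        byte[] ct = enc.TransformFinalBlock(pt, 0, pt.Length);
        return salt.Concat(aes.IV).Concat(ct).ToArray(); // the key itself is never written out
    }

    static string Decrypt(string password, byte[] blob)
    {
        using var aes = Aes.Create();
        aes.Key = DeriveKey(password, blob.Take(16).ToArray()); // same password + stored salt
        aes.IV = blob.Skip(16).Take(16).ToArray();
        using var dec = aes.CreateDecryptor();
        byte[] pt = dec.TransformFinalBlock(blob, 32, blob.Length - 32);
        return Encoding.UTF8.GetString(pt);
    }

    static void Main()
    {
        byte[] salt = new byte[16];
        RandomNumberGenerator.Fill(salt);
        byte[] k1 = DeriveKey("constructed-password", salt);
        Console.WriteLine(k1.SequenceEqual(DeriveKey("constructed-password", salt))); // identical inputs
        salt[0] ^= 1;                                                                 // change one salt bit
        Console.WriteLine(k1.SequenceEqual(DeriveKey("constructed-password", salt))); // different salt
        Console.WriteLine(Decrypt("constructed-password", Encrypt("constructed-password", "hello")));
    }
}
```

The salt and IV are not secret and travel with the ciphertext; the password is supplied again at decryption time. CBC as used here carries no integrity check, so a wrong password usually surfaces as a padding `CryptographicException` rather than a clean verification failure.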

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow