pbkdf2

Since SHA-3 seems to be an already known function (Keccak as the finalist of NIST hash function competition) I have several questions related to this topic: NIST site says that NIST is closed due to a lapse in government funding. Is there any chance that SHA-3 will ever be finally accepted? BouncyCastle library has an implementation of SHA-3 which digest results are the same as examples posted in wikipedia article (I tested this). Since the final standard is not approved, can this be trusted? Wikipedia says this is likely to be changed but how can it change as the final algorithm does not seem

Long story short have a membership system built in .NET that we are porting to WordPress and need to replicate the PBKDF2 encryption so users don't need to reset their passwords. Using a know hashed password I've been able to replicate this in .NET easily, with the following code: static void Main(string[] args) { var isValid = CheckPassword("#0zEZcD7uNmv", "5SyOX+Rbclzvvit3MEM2nBRaPVo2M7ZTs7n3znXTfyW4OhwTlJLvpcUlCryblgkQ"); } public static int PBKDF2IterCount = 10000; public static int PBKDF2SubkeyLength = 256 / 8; // 256 bits public static int SaltSize = 128 / 8; // 128 bits private static

It seems that I have a thread-safety issue with Cipher and/or PBEKeySpec. JDK : 1.8.0_102, 1.8.0_151 and 9.0.1+11 PBKDF2 algorithm: PBKDF2WithHmacSHA1 Cipher algorithm: AES/CFB/NoPadding Key algorithm: AES I know these classes aren't tread-safe if we use the same instances, but that's not the case, I'm getting a new instance at each decode. But even that, sometimes the decode fails, there is no exception, just an unexpected decoded value. I've been able to reproduce the problem: @Test public void shouldBeThreadSafe() { final byte[] encoded = { 27, 26, 18, 88, 84, -87, -40, -91, 70, -74, 87,

I have to decrypt a string encrypted in C# as a part of our project. This decryption is done using AES algorithm and packing mode as PKCS7. For generating the initialization vector they have used the following: Rfc2898DeriveBytes keyGenerator = new Rfc2898DeriveBytes("somestring", salt); The salt is the default bytes. This IV is used in encrypting the string using AES. I have read through some documents and found that AES can be implemented in Java. But not sure on how to pass the IV and packing mode. Also, I have seen that there are modes CBC, ECB for mentioning the Cipher block mode. I am

I need to be able to validate in node some password which were generated and stored using Symfony2 with sha512 encoding. I can retrieve the hash and the salt just fine but when using crypto I cannot manage to generate a hash using the salt which matches the one stored in the database. Symfony security.yml security: encoders: "FOS\UserBundle\Model\UserInterface": sha512 Hash stored in DB 6zxwRZc4EPXKxQes9avs0ZyCRFkC4dtpXrT983ML8VLvv9WhRnAi282bwuFuj3LHPQBGmqD1BfCLDUXGdHIjZQ== Salt stored in DB qu7rjvaietws8kg4cgsggksookwsws8 As there is a salt on the node side I'm using crypto.pbkdf2Sync , there