Can you derive a 128 bit AES encryption key using PBKDF2 with SHA-256

Question

I got confused about key derivation functions. For my project, I need to derive a 128 bits AES encryption key in CTR mode. To do so, I'm using a PBKDF2 to derive this encryption key using an initial information like a password.

PBKDF2 allows me to set its parameters before deriving a key, such as hashing function and iteration number. So, my question is if i set the PBKDF2's hashing function as SHA-256, and specificy the derived key's length as 128 bits, would that be okey? As SHA-256 will hash the input multiple times and produce a hash of 256 bits, how can I get a 128 bits encryption key while having 256 bits output of the SHA-256?

Welcome to Cryptography. The easiest way is trimming the 256-bit output of SHA-256. — kelalaka, Jul 09 '19 at 14:05
Hi, so does the PBKDF2 algorithm do it for me when I specify the parameters as such ? — Ahmet Eroğlu, Jul 09 '19 at 14:09
For that part is just reading the function prototype dLen that is desired length, see the answer from infortmation security — kelalaka, Jul 09 '19 at 14:16
so as far as I understand, it is suggested that if i use hashing function as SHA-256, the desired key should be also intended as 256 bits right? — Ahmet Eroğlu, Jul 09 '19 at 14:22

score 2 · Accepted Answer · answered Aug 28 '19 at 02:41

2

Truncate the output to 128 bits.

(Or, consider using AES-256 instead.)

answered Aug 28 '19 at 02:41

Squeamish Ossifrage

48,392
3
116
223

Can you derive a 128 bit AES encryption key using PBKDF2 with SHA-256

1 Answers1