List of PBKDF2 implementations

List of software that implements or uses the PBKDF2 key derivation standard.

Implementations

• wolfSSL
• Libgcrypt
• Bash implementation
• Crypto-JS Javascript implementation
• openssl's C implementation
• OpenBSD's C implementation
• PolarSSL's C implementation
• CyaSSL's C implementation
• ActionScript 3.0 implementation
• .NET Framework's implementation
• Delphi/Free Pascal implementation
• Erlang implementation
• Go implementation
• PBKDF2 for Haxe
• JavaScript implementations slow, less slow, fast, benchmark
• Java implementation (PBKDF2WithHmacSHA256)
• Python implementation
• Python standard library
• Perl implementation (large), (small), (tiny), Native Perl Implementation – no dependency hell
• Ruby's standard library
• Ruby implementation
• Rust implementation
• REBOL2 implementation
• PHP implementations: native (added in v5.5.0), pure PHP implementation
• Scala implementation
• Common Lisp implementation (Ironclad)
• Web Cryptography API

Systems that use PBKDF2

• GNU GRUB to protect the bootloader password ^[1]
• Wi-Fi Protected Access (WPA and WPA2) used to secure Wi-Fi wireless networks
• Microsoft Windows Data Protection API (DPAPI) ^[2]
• OpenDocument encryption used in OpenOffice.org
• WinZip's AES Encryption scheme. ^{[3] [4]}
• Keeper for password hashing. ^[5]
• LastPass for password hashing. ^{[6] [7]}
• 1Password for password hashing. ^[8]
• Enpass for password hashing. ^[9]
• Dashlane for password hashing. ^{[10] [11]}
• Bitwarden for password hashing. ^[12]
• Apple's iOS mobile operating system, for protecting user passcodes and passwords. ^[13]
• Mac OS X Mountain Lion for user passwords^{[ citation needed ]}
• The Django web framework, as of release 1.4. ^[14]
• The Odoo ERP platform ^[15]
• The MODX content management framework, as of version 2.0.
• The encryption and decryption schema of Zend Framework, to generate encryption and authentication keys. ^[16]
• Cisco IOS and IOS XE Type 4 password hashes ^[17]
• Firefox Sync for client-side password stretching ^[18]

Disk encryption software

• Filesystem encryption in the Android operating system, as of version 3.0. ^[19]
• FileVault (Mac OS X) from Apple Computer ^[20]
• FreeOTFE (Windows and Pocket PC PDAs); also supports mounting Linux (e.g. LUKS) volumes under Windows
• LUKS (Linux Unified Key Setup) (Linux)
• TrueCrypt (Windows, Linux, and Mac OS X) ^[21]
• VeraCrypt (Windows, Linux, FreeBSD, and Mac OS X) ^[22]
• CipherShed (Windows, Linux, and Mac OS X) ^[23]
• GEOM ELI module for FreeBSD
• EncFS (Linux, FreeBSD and Mac OS X) since v1.5.0
• GRUB2 (boot loader)

References

1. "Authentication and authorisation in GRUB".
2. "Windows Data Protection". NAI Labs, Network Associates, Inc.; Microsoft Corporation. October 2001. Archived from the original on 2007-04-16.
3. "AES Coding Tips for Developers". WinZip. 2008-07-21. Retrieved 2013-09-07.
4. "BRG Main SIte". Winzip.com. Retrieved 2013-09-07.
5. Black, Crystal (2015-03-10). "Keeper: A Fresh Look At Password Management And Data Security". Techaeris. Retrieved 2015-04-16.
6. "Security". LastPass: How We Do It. LastPass . Retrieved 2013-06-13.
7. "LastPass Security Notification". LastPass. 2011-05-04. Archived from the original on 2012-05-07. Retrieved 2013-06-13.
8. "Defending against crackers, PBKDF2". Agilebits, Inc. 2014. Retrieved 2014-11-14.
9. "Enpass Security Whitepaper, PBKDF2". Sinew Software Systems Pvt Ltd. 2018. Retrieved 2018-12-05.
10. "Our security model in a nutshell". Dashlane, Inc. 2014. Retrieved 2014-03-09.
11. "Protection of User Data in Dashlane" (PDF). Dashlane Security Whitepaper. Dashlane, Inc. November 2011. Retrieved 2014-03-09.
12. "What encryption is being used? | Bitwarden Help & Support". help.bitwarden.com. Retrieved 2019-09-21.
13. iOS security Archived 2012-10-21 at the Wayback Machine , May 2012, Apple inc.
14. "How Django stores passwords". Django 1.4 documentation. 2012-03-23. Retrieved 31 July 2012.
15. Odoo Security
16. Encrypt/decrypt using block ciphers, Programmer’s Reference Guide of Zend Framework 2.
17. Worldwide. "Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue". Tools.cisco.com. Retrieved 2013-09-07.
18. Dan Callahan (2014-04-30). "Firefox Sync's New Security Model". Mozilla Cloud Services. Mozilla. Retrieved 2015-07-16.
19. Notes on the implementation of encryption in Android 3.0 Archived 2013-05-22 at the Wayback Machine , September 2012, Android Open Source Project.
20. "Unlocking FileVault - An analysis of Apple's disk encryption system" (PDF). Archived from the original (PDF) on 2008-09-16.
21. "Header Key Derivation, Salt, and Iteration Count". TrueCrypt User’s Guide. TrueCrypt Foundation. 2012-02-07. Retrieved 2013-06-08.
22. "Header Key Derivation, Salt, and Iteration Count". VeraCrypt Documentation. IDRIX. Retrieved 2017-10-16.
23. "CipherShed User's Guide, Technical Details" (PDF). CipherShed User’s Guide. CipherShed Project. 2014-12-19. Retrieved 2014-12-27.