可以读取加密门禁卡的钱包
There’s one little cybersecurity method that protects you on-line, your Crypto Wallet and your wi-fi: PBKDF2 (Password-Based Key Derivation Function 2). And, it loves being slow … in fact, the slower the better!!!!
有一种网络安全小方法可以保护您在线,加密钱包和wi-fi:PBKDF2(基于密码的密钥派生功能2)。 而且,它喜欢慢速...实际上,越慢越好!
PBKDF2 is a method used to take an input — such as random data or a passphrase — and then converts it into an encryption key of a certain size. This is then typically used with AES encryption, in order to secure the data. A 256-bit key has 32 bytes, and a 128-bit key has 16 bytes.
PBKDF2是一种用于获取输入(例如随机数据或密码短语),然后将其转换为一定大小的加密密钥的方法。 然后通常将其与AES加密一起使用,以保护数据。 256位密钥包含32个字节,而128位密钥包含16个字节。
But there are many other hashing methods, such as MD5, SHA-1, SHA-256, and so on. So what makes PBKDF2 so special? Well, it is its slowness which is a good feature when someone is trying to crack your crypto wallet or your wi-fi. For this we have a number of rounds that we hash for … and the more the rounds, the longer it will take. Typically we use more than 2,000 rounds for a robust password, and where only a few thousand passwords can be tried per second — rather than billions for SHA-256. This slowness makes it costly to crack, and you would require GPU arrays to crack the simplest of password, and which will be costing in terms of the electricity these use. PBKDF2 also contains a salt value, and which makes it robust against rainbow tables.
但是,还有许多其他哈希方法,例如MD5,SHA-1,SHA-256等。 那么,什么使PBKDF2如此特别? 好吧,当有人试图破解您的加密钱包或Wi-Fi时,它的慢速是一个好功能。 为此,我们要散列多个回合,……回合越多,花费的时间就越长。 通常,我们使用超过2,000回合来获得可靠的密码,并且每秒只能尝试几千个密码,而SHA-256则不超过数十亿。 这种速度较慢,导致破解成本很高,您将需要GPU阵列破解最简单的密码,这将在这些用电方面造成成本。 PBKDF2还包含一个盐值,这使其对彩虹表具有鲁棒性。
So here is a calculator [here]:
所以这是一个计算器[ 这里 ]:
PBKDF2 is a slow key derivation function, which takes an input string, salt, and a number of rounds. Test vectors from RFC6070 are [here]:
PBKDF2是一个慢键派生功能,它接受输入字符串,盐和多个回合。 RFC6070的测试向量为[ here ]:
Input:
P = "password" (8 octets)
S = "salt" (4 octets)
c = 1
dkLen = 20
Output:
DK = 12 0f b6 cf fc f8 b3 2c 43 e7 22 52 56 c4 f8 37 a8 65 48 c9
Input:
P = "password" (8 octets)
S = "salt" (4 octets)
c = 2
dkLen = 20
Output:
DK = ae 4d 0c 95 af 6b 46 d3 2d 0a df f9 28 f0 6d d0 2a 30 3f 8e
Input:
P = "password" (8 octets)
S = "salt" (4 octets)
c = 4096
dkLen = 20
Output:
DK = c5 e4 78 d5 92 88 c8 41 aa 53 0d b6 84 5c 4c 8d 96 28 93 a0Input:
P = "passwordPASSWORDpassword" (24 octets)
S = "saltSALTsaltSALTsaltSALTsaltSALTsalt" (36 octets)
c = 4096
dkLen = 25
Output:
DK = 34 8c 89 db cb d3 2b 2f 32 d8 14 b8 11 6e 84 cf
2b 17 34 7e bc 18 00 18 1cThe following defines some Python code:
下面定义了一些Python代码:
st = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon cactus"
salt="mnemonicBILL"
rounds=2048
keylen=64
method='hmac-sha512'from passlib.utils.pbkdf2 import pbkdf2
import sysif (rounds>4096):
print ("Too many rounds")
sys.Exit()
s2 = pbkdf2(st, salt, rounds, keylen=keylen, prf=method)
print ("String:\t\t",st)
print ("Salt:\t\t",salt)
print ("Rounds:\t\t",rounds)
print ("Key length:\t",keylen)
print ("Method:\t\t",method)print ("\nHash: ",s2.hex())# d184a269b4ea26dec12ed35e432e7d687a3b2b767a74e6b01b4009f991eda6dfbcc5f98e31409db7560a5640698094dcc190a0532f1360972e4cf3a8b594f936A sample run is:
运行示例为:
String: passwordPASSWORDpassword
Salt: saltSALTsaltSALTsaltSALTsaltSALTsalt
Rounds: 4096
Key length: 25
Method: hmac-SHA256Hash: 348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181cPBKDF2 is defined in RFC 2898 [here]. It is used in so many applications, such as with TrueCrypt to generate the key required to read the header information of the encrypted drive, and which stores the encryption keys, and also in WPA-2 [here] to protect the wi-fi password for the pre-shared key. It is also used to protect cryptocurrency wallets. If you’re interested, here’s an overview:
PBKDF2在RFC 2898 [ 这里 ]中定义。 它用在许多应用程序中,例如与TrueCrypt一起使用,以生成读取加密驱动器的标题信息所需的密钥,并存储加密密钥,还用于WPA-2 [ 此处 ]以保护wi-fi密码预共享密钥。 它还用于保护加密货币钱包。 如果您有兴趣,这里有一个概述:
结论 (Conclusions)
There you go, in an industry where things are made to go faster, PBKDF2 just loves to take things easy.
在发展更快的行业中,PBKDF2就是乐于轻松地工作。
可以读取加密门禁卡的钱包
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
