RNGCryptoServiceProvider and Rfc2898DeriveBytes

Question

RNGCryptoServiceProvider and Rfc2898DeriveBytes

Whether it makes sense to run the encryption key (2048 bits) generated via RNGCryptoServiceProviderthrough Rfc2898DeriveBytes.GetBytes()or Rfc2898DeriveBytes, more focused on the creation of the encryption key from a short key, such as the phrase:

+3

c # encryption

Oliver weichhold May 28 '11 at 12:24

source share

2 answers

Rfc2898DeriveBytes.GetBytes() . , , (, , ). (, ), Rfc2898DeriveBytes ( ).

+4

Teoman Soygul 28 '11 12:32

blowdart · Accepted Answer · 2011-05-28T12:30:14+0000

If you already have something suitable for the key that you have, why are you using it to create another key? Personally, I see no benefit by embedding it in derived bytes, since you already have a cryptographically secure random number.

RNGCryptoServiceProvider and Rfc2898DeriveBytes

More articles: