nremond / pbkdf2-scala   0.7.2


PBKDF2 implementation in Scala

Scala versions: 3.x 2.13 2.12 2.11 2.10

PBKDF2 Build Status

pbkdf2-scala is an implementation of PBKDF2 in Scala. It is cross-compiled for Scala 2.11, 2.12, and 2.13.

For using it, you can add the following dependency in SBT.

libraryDependencies += "io.github.nremond" %% "pbkdf2-scala" % "0.7.0"

Standards Conformance

This implementation conforms to RFC 2898, and has been tested using the test vectors in Appendix B of RFC 3962. Note, however, that while those specifications use HMAC-SHA-1, this implementation defaults to HMAC-SHA-512. As a matter of fact, SHA-512 provides a longer bit length and in addition, NIST has stated that SHA-1 should be phased out due to concerns over recent cryptanalytic attacks.

Setting the number of iterations

Choosing the correct value for this parameter is thus a trade-off: it should be set as high as possible, to make attacks as difficult as possible, without making legitimate applications unusably slow.

Security Considerations section of RFC 3962 provides a useful example on how to consider that choice.The current default value is set to 210000, based on the OWASP Cheat Sheet Series.

Using the library

You can use the raw PBKDF2 function which as the following signature:

object PBKDF2 {
  def apply(password: Array[Byte], 
            salt: Array[Byte], 
            iterations: Int = 210000, 
            dkLength: Int = 32, 
            cryptoAlgo: String = "HmacSHA512"): Array[Byte]

Alternatively, you can use the following functions that will handle the salting for you:

object SecureHash {
  def createHash(password: String,
                 iterations: Int = 210000,
                 dkLength: Int = 32,
                 cryptoAlgo: String = "HmacSHA512"): String

  def validatePassword(password: String, hashedPassword: String): Boolean

validatePassword and createHash output are compatible with PassLib for the supported pseudo-random-functions (HmacSHA1, HmacSHA256, HmacSHA512).

Release Notes

  • 0.6: Scala 2.13 and 3 support
  • 0.6: Scala 2.12 and 2.13 support
  • 0.5: Breaking changes in SecureHash to implement a version of Modular Crypt Format (MCF) compatible with PassLib. User of older version of this library can find the previous API here. Update the default security settings to HmacSHA512.
  • 0.4: Introduce the SecureHash class to handle the salting.
  • 0.3: Update the default security settings.


See the license.txt file for the terms under which it may be used and distributed.