PHP hash_pbkdf2() Function: Generating PBKDF2 Key Derivation

The hash_pbkdf2() function in PHP generates a PBKDF2 (Password-Based Key Derivation Function 2) key derived from a given password and salt using a specified hash algorithm.

Parameters

algo : Name of the hash algorithm (e.g., md5, sha256, haval160,4). Supported algorithms can be listed via hash_algos().

password : The password to be hashed.

salt : A random salt value used during the derivation.

iterations : Number of iterations to perform.

length : Desired length of the derived key. If raw_output is true, this is the byte length; if false, it is twice the byte length because the result is returned as a hexadecimal string.

raw_output : Set to true to receive raw binary data, or false to receive a lowercase hexadecimal string.

If length is set to 0, the full output size of the selected algorithm is used.

Return Value

When raw_output is true, the function returns the raw binary digest; otherwise it returns the digest as a lowercase hexadecimal string.

Example

<?php
$password = "password";
$iterations = 1000;
$salt = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM);
$hash = hash_pbkdf2("sha256", $password, $salt, $iterations, 20);
echo $hash;
?>

The above script generates a 20‑byte PBKDF2 key using SHA‑256, a random 16‑byte salt, and 1000 iterations, then outputs the result as a hexadecimal string. Sample output:

556b73a21e63c3e0e904