Create a Key from a Password Random SALT in C

suggest change
using System;
using System.Security.Cryptography;
using System.Text;

public class PasswordDerivedBytesExample
    public static void Main(String[] args)
        // Get a password from the user.
        Console.WriteLine("Enter a password to produce a key:");

        byte[] pwd = Encoding.Unicode.GetBytes(Console.ReadLine());

        byte[] salt = CreateRandomSalt(7);

        // Create a TripleDESCryptoServiceProvider object.
        TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();

            Console.WriteLine("Creating a key with PasswordDeriveBytes...");

            // Create a PasswordDeriveBytes object and then create
            // a TripleDES key from the password and salt.
            PasswordDeriveBytes pdb = new PasswordDeriveBytes(pwd, salt);

            // Create the key and set it to the Key property
            // of the TripleDESCryptoServiceProvider object.
            tdes.Key = pdb.CryptDeriveKey("TripleDES", "SHA1", 192, tdes.IV);

            Console.WriteLine("Operation complete.");
        catch (Exception e)
            // Clear the buffers

            // Clear the key.


    #region Helper methods

    /// <summary>
    /// Generates a random salt value of the specified length.
    /// </summary>
    public static byte[] CreateRandomSalt(int length)
        // Create a buffer
        byte[] randBytes;

        if (length >= 1)
            randBytes = new byte[length];
            randBytes = new byte[1];

        // Create a new RNGCryptoServiceProvider.
        RNGCryptoServiceProvider rand = new RNGCryptoServiceProvider();

        // Fill the buffer with random bytes.

        // return the bytes.
        return randBytes;

    /// <summary>
    /// Clear the bytes in a buffer so they can't later be read from memory.
    /// </summary>
    public static void ClearBytes(byte[] buffer)
        // Check arguments.
        if (buffer == null)
            throw new ArgumentNullException("buffer");

        // Set each byte in the buffer to 0.
        for (int x = 0; x < buffer.Length; x++)
            buffer[x] = 0;


This example is taken from MSDN.

It is a console demo, and it shows how to create a secure key based on a user-defined password, and how to create a random SALT based on the cryptographic random generator.


Usage: See Main() method.

Feedback about page:

Optional: your email if you want me to get back to you:

Table Of Contents