A string. This should be set to
A string representing the digest algorithm to use. This may be one of:
SHA-1is considered vulnerable in most cryptographic applications, but is still considered safe in PBKDF2. However, it's advisable to transition away from it everywhere, so unless you need to use
SHA-1, don't. Use a different digest algorithm instead.
Numberrepresenting the number of times the hash function will be executed in
deriveKey(). This determines how computationally expensive (that is, slow) the
deriveKey()operation will be. In this context, slow is good, since it makes it more expensive for an attacker to run a dictionary attack against the keys. The general guidance here is to use as many iterations as possible, subject to keeping an acceptable level of performance for your application.
See the examples for
|Web Cryptography API |
Browsers that support the "PBKDF2" algorithm for the
SubtleCrypto.deriveKey() method will support this type.