The key generation function ( English key derivation function , KDF ) is a function that generates one or more secret keys based on a secret value (master key, password or pass phrase) using a pseudo-random function. [1] [2] The key generation function can be used to create a key of the required length or a specified format. An example of this is the transformation of a secret key obtained as a result of the Diffie-Hellman protocol into a symmetric key for use in the AES algorithm. Often cryptographic hash functions are used as a pseudo-random function to generate a key. [3]
Some widely used key generation algorithms are bcrypt , PBKDF2 , scrypt .
Use
The key generation function is often used in conjunction with unclassified parameters to obtain one or more secret keys based on a shared secret value. Such an application can prevent an attacker who owns the generated key from finding out information about the initial secret value or about any of the generated keys. The key generation function can be used to generate a key that satisfies the desired desired properties (for example, the exclusion of weak keys in some encryption systems).
Password-based key generation functions are often used to hash passwords and then verify them. In this case, the non-secret parameter used in conjunction with the secret password is called “ salt .” In 2013, the was announced to develop a new password hashing function. The competition ended on November 20, 2015, the winner was the algorithm Argon2 [4] . In addition to the winner, four algorithms were awarded special recognition: Catena , Lyra2 , Makwa, and yescrypt .
See also
- Crypt (Unix)
- Crypt (C)
Notes
- ↑ Bezzi, Michele. Data privacy // Privacy and Identity Management for Life . - Springer, 2011. - p. 185–186. - ISBN 9783642203176 .
- ↑ Kaliski, Burt. RFC 2898 - PKCS # 5: Password-Based Cryptography Specification, Version 2.0 . IETF .
- ↑ Zdziarski, Jonathan. Hacking and Securing IOS Applications: Stealing Data, Hijacking Software, and Prevent It . - O'Reilly Media, 2012. - p. 252–253. - ISBN 9781449318741 .
- ↑ “Password Hashing Competition”