Derive AES key from the seed value
15 views
Skip to first unread message
Güngör Basa
Mar 10, 2015, 5:27:46 AM3/10/15
to cryptop...@googlegroups.com
Hello guys,
I am trying to derive new keys from my seed value. By using random number generator, I created one seed AES key. I would like to derive new keys from this key with provided password . For example KDF(seed || password) should give me my new key. What is the best way of doing this?
Thank you
I am trying to derive new keys from my seed value. By using random number generator, I created one seed AES key. I would like to derive new keys from this key with provided password . For example KDF(seed || password) should give me my new key. What is the best way of doing this?
Thank you
Jean-Pierre Münch
Mar 10, 2015, 11:31:09 AM3/10/15
to cryptop...@googlegroups.com
Hey Güngör,
I'm assuming that you have a random Key K1, a ready-to-use CSPRNG and a Password P.
I'm further assuming you want to have a Key K2 = KDF(K1,P).
There are two versions:
If your key is secret to all parties (like when using Diffie-Hellman) and with high entropy -> K1 is impossible to guess
This case is quite easy. You take a standard KDF, with a standard Hash.
To derive your Key K2 you use P1363_KDF2<SHA512>::DeriveKey(K2,K1,P)
For the details of the syntax, please consult pubkey.h.
If your key isn't secret to all parties / or has low entropy -> can be guessed easily
For this case you want to use a PBKDF (Password-based key derivation function) with your key as salt input, your password as password input and some nice iteration count to harden the result.
This would mean you'd use PBKDF2<SHA512>().DeriveKey(salt,password,iteration count) (close to this, look into pwdbased.h for details).
(The Hash doesn't need to be SHA512, you can choose to use any hash function you trust -> no MD5 and please no SHA1)
BR
JPM
I'm assuming that you have a random Key K1, a ready-to-use CSPRNG and a Password P.
I'm further assuming you want to have a Key K2 = KDF(K1,P).
There are two versions:
If your key is secret to all parties (like when using Diffie-Hellman) and with high entropy -> K1 is impossible to guess
This case is quite easy. You take a standard KDF, with a standard Hash.
To derive your Key K2 you use P1363_KDF2<SHA512>::DeriveKey(K2,K1,P)
For the details of the syntax, please consult pubkey.h.
If your key isn't secret to all parties / or has low entropy -> can be guessed easily
For this case you want to use a PBKDF (Password-based key derivation function) with your key as salt input, your password as password input and some nice iteration count to harden the result.
This would mean you'd use PBKDF2<SHA512>().DeriveKey(salt,password,iteration count) (close to this, look into pwdbased.h for details).
(The Hash doesn't need to be SHA512, you can choose to use any hash function you trust -> no MD5 and please no SHA1)
BR
JPM
Reply all
Reply to author
Forward
0 new messages