Key Derivation Functions

Key derivation function (KDF) derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudorandom function. KDFs can be used to stretch keys into longer keys or to obtain keys of a required format, such as converting a group element that is the result of a Diffie–Hellman key exchange into a symmetric key for use with AES. Keyed cryptographic hash functions are popular examples of pseudorandom functions used for key derivation. More...

+ Collaboration diagram for Key Derivation Functions:

Modules

 Algorithms
 Algorithms are meant to provide key derivation interface similar to STL algorithms' one.
 

Classes

struct  nil::crypto3::kdf::mode::counter< MessageAuthenticationCode >
 NIST SP 800-108 KDF Counter Mode (5.1) More...
 
struct  nil::crypto3::kdf::mode::feedback< MessageAuthenticationCode >
 NIST SP 800-108 KDF Feedback Mode (5.2) More...
 
class  nil::crypto3::kdf::hkdf< Hash, MessageAuthenticationCode >
 
class  nil::crypto3::kdf::kdf1< Hash >
 KDF1, from IEEE 1363. More...
 
class  nil::crypto3::kdf::kdf1_18033< Hash >
 KDF1 from ISO 18033-2. More...
 
class  nil::crypto3::kdf::kdf2< Hash >
 KDF2 from IEEE 1363. More...
 
struct  nil::crypto3::kdf::mode::pipeline< MessageAuthenticationCode >
 NIST SP 800-108 KDF Double Pipeline Mode (5.3) More...
 
class  nil::crypto3::kdf::prf_tls< Version, MessageAuthenticationCode1, MessageAuthenticationCode2 >
 
class  nil::crypto3::kdf::prf_tls< 1, mac::hmac< hashes::sha1 >, mac::hmac< hashes::md5 > >
 Explicitly TLS 1.0/1.1-compliant PRF version. More...
 
class  nil::crypto3::kdf::prf_tls< 1, MessageAuthenticationCode1, MessageAuthenticationCode2 >
 PRF used in TLS 1.0/1.1 with no MAC selection option. More...
 
class  nil::crypto3::kdf::prf_tls< 2, MessageAuthenticationCode, MessageAuthenticationCode >
 PRF used in TLS 1.2. More...
 
class  nil::crypto3::kdf::sp800_108< MessageAuthenticationCode, Mode >
 NIST SP 800-108 KDF. More...
 
struct  nil::crypto3::kdf::mode::sp800_108_mode< MessageAuthenticationCode >
 sp800_108 key derivation function policy base class More...
 
class  nil::crypto3::kdf::sp800_56a< Construction, typename >
 KDF defined in NIST SP 800-56a revision 2 (Single-step key-derivation function) More...
 
class  nil::crypto3::kdf::sp800_56a< Hash, typename std::enable_if< is_hash< Hash >::value >::type >
 Hash version of SP 800-56a KDF. More...
 
class  nil::crypto3::kdf::sp800_56a< mac::hmac< Hash >, typename std::enable_if< is_mac< mac::hmac< Hash > >::value >::type >
 Strictly standard-compliant SP 800-56a version. More...
 
class  nil::crypto3::kdf::sp800_56a< MessageAuthenticationCode, typename std::enable_if< is_mac< MessageAuthenticationCode >::value >::type >
 MAC version of SP 800-56a KDF. More...
 
class  nil::crypto3::kdf::sp800_56c< MessageAuthenticationCode, KeyDerivationFunction >
 NIST SP 800-56C KDF. More...
 
class  nil::crypto3::kdf::x942_prf< Hash >
 PRF from ANSI X9.42. More...
 

Detailed Description

Key derivation function (KDF) derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudorandom function. KDFs can be used to stretch keys into longer keys or to obtain keys of a required format, such as converting a group element that is the result of a Diffie–Hellman key exchange into a symmetric key for use with AES. Keyed cryptographic hash functions are popular examples of pseudorandom functions used for key derivation.