I need to verify a password before decrypting the data. My encrypted data is too big and waiting to see if the authentication tag is correct is out of the question. I’m using Argon2id as my KDF. My question is, can I hash the derived key with SHA256 and before decryption compare it to avoid start decrypting if the hashes aren’t equal?
Asked
Active
Viewed 76 times
1 Answers
1
Yes, that works fine. Note though that if the password, or any of the other inputs to / properties of the KDF, gets changed then you'll need to update the hash.
CBHacking
- 40,303
- 3
- 74
- 98