Highest Voted 'kdf' Questions - IT Security Stack Exchange

14

votes

2 answers

Is KeePass's method for key derivation secure?

I'm familiar with how key derivation functions can be used to slow down brute force attacks against passwords by requiring significant computational and/or memory resources to compute the final key. Common KDFs I'm aware of are bcrypt, PBKDF2, and…

asked Sep 30 '15 at 15:56

Ajedi32

4,637
2
26
60

9

votes

2 answers

What is the difference between Key Derivation Function and (salted) Hash?

I see in this post that the main difference is that KDF outputs have "certain randomness properties", and I don't understand what does it mean. Suposing that that "certain randomness properties" are for protect from rainbow tables and that…

encryption cryptography hash kdf

asked Jul 30 '15 at 22:33

Julen

311
3
6

7

votes

3 answers

Why are KDFs slow? Is using a KDF more secure than using the original secret?

According to the Wikipedia page for key derivation functions, a KDF's purpose is to derive a secret key for cryptography: In cryptography, a key derivation function (KDF) derives one or more secret keys from a secret value such as a master key, a…

key-management pbkdf2 kdf

asked Oct 04 '19 at 18:20

user216316

7

votes

1 answer

Why brute-force the password instead of the key directly?

This answer on another question on security stackexchange by a very reputed user explains why he prefers GnuPG over OpenSSL for file encryption. From what I understand, it can be summarized as this: When using OpenSSL, the encryption key used is…

encryption passwords brute-force md5 kdf

asked Aug 20 '17 at 21:05

Gradient

225
1
3

7

votes

1 answer

Differences between LUKS and Veracrypt

These two FDE solutions are similar, but I noticed different executions speed: specially mounting a device it seems that Veracrypt takes more time decrypting it. So I would like to compare it with LUKS analizing the header format. I know about…

encryption pbkdf2 luks veracrypt kdf

asked Aug 07 '16 at 03:08

refex

351
3
11

6

votes

5 answers

AES256 with 128 bit key

A popular zero-knowledge file sharing site uses a 128-bit master key for encryption. However, they claim to be using AES256. When questioned, they explained the master key is widened using PBKDF2 and random salt to 256-bits. Can this technically…

encryption aes kdf

asked May 08 '19 at 16:19

Larry

161
3

5

votes

3 answers

Encrypt Items With Single Key or Use KDF+Salt To Encrypt Each Item?

I'm currently planning the development of a system where extremely sensitive information for individual users would be stored. There are currently two approaches being discussed. In order to make it more concrete, let's say we're encrypting each…

encryption kdf

asked Apr 19 '16 at 19:46

Eric Scrivner

53
4

5

votes

1 answer

Why is the Key Derivation Function important?

Let's consider this openssl command : openssl enc -aes-256-cbc -pass pass:PASSWORD Why is it important to have a good Key Derivation Function? This answer to another question suggest that GnuPG is preferable to Openssl because Openssl's KDF is…

encryption openssl aes key-generation kdf

asked Dec 31 '15 at 10:41

Gradient

225
1
3

4

votes

0 answers

Password manager that uses a mix of long and short key derivation functions

I was reading "A Convenient Method for Securely Managing Passwords, Halderman et al., 2005". In short, the authors say to do the following: cache = very_long_key_derivation_function(salt,master_password) save the cache on disk password_for_site_a =…

password-management kdf

asked Jun 20 '16 at 14:27

gw653

41
1

3

votes

2 answers

How to choose between password derivation or encryption?

Suppose you use a password manager having all possible features of modern password managers: encryption with a key derived from your master password, auto-filling, cloud or local storage, browser extension, web and local applications, random…

encryption passwords password-management password-cracking kdf

asked Nov 13 '18 at 11:32

CidTori

183
6

3

votes

1 answer

When would one use a password hash instead of a KDF?

From what I'm reading, for storing passwords it is recommended to use a KDF (like Bcrypt). If it is more secure to use a KDF for handling passwords, when would you use a password hash instead?

hash kdf

asked Jul 28 '18 at 23:20

VortixDev

425
4
10

3

votes

1 answer

ECDH vs DH secret key size

In the past couple of weeks I have been reading about DH and ECDH which are key exchanging algorithm to compute a shared secret key. According to advices, it is better to use DH with key size 2048 bits and ECDH secp521r1 which results in 528 bits…

hash key-management diffie-hellman kdf

asked Jan 15 '17 at 08:21

Hadi

133
1
5

2

votes

2 answers

Is it okay if passphrases to KDFs are "predictable"

I'm looking to do file encryption for small amounts of text (8-100 characters for each item being encrypted). Here's what I have: A secret passphrase and a salt. I Use Rijndael to generate a key and iv when encrypting text. I use the key+iv to…

encryption kdf

asked Jul 27 '15 at 17:12

ashic

135
3

2

votes

2 answers

File encryption allowing changing password

My app needs to work with encrypted user files on their devices. It should keep the data secret when someone gets hold of the device. For this, I'm thinking about the following schema (which may be wrong, and that's why I'm asking). The app…

encryption passwords file-encryption kdf

asked Dec 14 '19 at 23:39

maaartinus

684
5
12

1

vote

1 answer

Is there any problem using empty salts with PBDKF for this purpose?

The aim is to generate a secure key for symmetric encryption. I have a master password, from which I want to generate the key for symmetric encryption, in order to encrypt other passwords. The idea is to use PBDKF2 for the generation of that…

passwords hash password-management pbkdf2 kdf

asked Aug 24 '15 at 19:45

Julen

311
3
6

Questions tagged [kdf]