This page looks best with JavaScript enabled

HKDF

 ·   ·  โ˜• 1 min read  ·  ๐Ÿฆ‚ k4i · ๐Ÿ‘€... views
    ๐Ÿท๏ธ

HMAC-based KDF(key derivation function)

HMAC

message authentication code (MAC)
Hash-based MAC

$\text{HMAC}(\text{H}, key, text) = \text{HMAC-Hash}(key, text) = \text{H}((key \oplus opad) \Vert \text{H}(key \oplus ipad, text))$

HKDF

HKDF-Extract

$IKM$ (input keying material)
$PRK = \text{HKDF-Extract}(\text{H}, salt, IKM) = \text{HMAC}(\text{H}, salt, IKM)$

HKDF-Expand

expand the above PRK (pseudo random key) to a given length.

1
2
3
4
5
6
7
8

N = ceil(L/hashLen)
T = T(1) || T(2) || T(3) || ... || T(N)
OKM = T็š„ๅ‰Lๅญ—่Š‚

T(0) = ็ฉบ
T(1) = HMAC(H, PRK, T(0) || info || 0x01) = HMAC-Hash(PRK, T(0) || info || 0x01)
T(2) = HMAC(H, PRK, T(1) || info || 0x02) = HMAC-Hash(PRK, T(1) || info || 0x02)
T(3) = HMAC(H, PRK, T(2) || info || 0x03) = HMAC-Hash(PRK, T(2) || info || 0x03)

Refs

Share on

Author k4i

LastMod January 18, 2023 (update writing guide - 690878d)

Markdown The Markdown version ยป

License CC BY-NC-SA 4.0

See Also