HKDF is a key derivation function specified in RFC5869.
HKDF is a key derivation function, which can be used as a building block in protocols and applications. It is based upon HMAC and is specified in RFC 5869.
Questions tagged [hkdf]
117 questions
3
votes
1 answer
HKDF: Difference between salt and info
I want to do generate individual AES keys for a number of smart cards, based on a random master key (key diversification) and the serial number of the card.
According to the answers to this question HKDF is the/one way to go.
HKDF has three inputs,…
AndreKR
- 173
- 5
2
votes
1 answer
Security of HKDF when part of output is exposed
There is a system in which Alice and Bob need to establish a secure communication channel. Their conversation happens via a "public" server whose only purpose is to rely messages between users. This server must never be able to decrypt…
Deril
- 41
- 1
1
vote
1 answer
Maximum output of HKDF
I got a question with the RFC of HKDF https://www.rfc-editor.org/rfc/rfc5869.
There is a maximum specified for the output keying material. The length of the OKM shall be <= 255HashLen. What does it mean? For example there is a hashfunction with…
chris000r
- 519
- 3
- 15
1
vote
1 answer
HKDF IKM length requirements?
I read through RFC5869 and I didn't see any recommended or required octet length of the IKM used in the HKDF-Extract operation. Is there any relationship between the Hash method used in the HKDF-Expand operation and the IKM length? e.g. when using…
RishiD
- 113
- 3
0
votes
1 answer
applying HKDF at both the client and the server
I have two keys (K1 and K2) at both the client and the server. I hope to use HKDF in both client and server side to concatenate the keys.
I will use the same salt value at both the client ad the server. Then will I be able to arrive at the same key…
Samantha Withanage
- 105
- 3