Practical-Cryptography-for-Developers-Book icon indicating copy to clipboard operation
Practical-Cryptography-for-Developers-Book copied to clipboard

Published 20 hours ago verified publisher icon nakov

KDF vs. PBKDF

Open hrobky opened this issue 7 years ago • 0 comments

This crucial difference is missing in the text and it treats KDFs as if they were PBKDFs, possibly confusing coders - the target audience.

KDF is a key derivation function in general - for example for deriving round keys - and designed to be fast. PBKDFs are designed to be brute force resilient and therefore to be slow. It's literally stated in /mac-and-key-derivation/hmac-and-key-derivation, that SHA is not a good [PB]KDF, which is true, but it's perfectly correct and used as KDF - like in WhisperMessage (Signal, WhatsApp, ...)

hrobky avatar Nov 26 '18 10:11 hrobky