Details and Options
- GenerateDerivedKey uses a computation-intensive key derivation function to generate a cryptographically strong key hash.
- password and salt can be strings, lists of integers representing byte values or ByteArray objects.
- GenerateDerivedKey[password] is equivalent to GenerateDerivedKey[password,Automatic]. If salt is not provided, it is randomly generated.
- GenerateDerivedKey takes a Method option, which uses an Association to specify a key derivation function and parameters.
- Typical settings for Method include:
"Function" key derivation function "Parameters" key derivation function parameters
- Supported key derivation functions are: "scrypt", "Argon2d", "Argon2i", "Argon2id".
- Parameters for the "scrypt" key derivation function are an Association, which includes:
"KeySize" 64 desired key length in bytes "N" 2^15 computational cost factor "r" 8 block size factor "p" 1 parallelization factor
- The value of "N" must be an integer power of 2 greater than 1.
- Parameters for the "Argon2" key derivation functions are an Association, which includes:
"KeySize" 64 desired key length in bytes "t" 2 number of iterations "m" 2^16 memory size to use in kibibytes "p" 1 parallelization factor
- The value of "m" must be an integer power of 2.
- To generate a cryptographically secure key, parameters of the key derivation function are usually adjusted for the computation on a specific computer to take just below a fraction of a second.
Examplesopen allclose all
Basic Examples (13)
Generate derived key using ByteArray as a password:
Generate string representation of DerivedKey:
Construct DerivedKey from its string representation:
Generate a ByteArray from the password:
Properties & Relations (3)
Possible Issues (4)
Introduced in 2019