GenerateDerivedKey

GenerateDerivedKey[password]

generates a DerivedKey object from the password given.

GenerateDerivedKey[password,salt]

generates a DerivedKey object from the password and salt given.

Details and Options

  • GenerateDerivedKey uses a computation-intensive key derivation function to generate a cryptographically strong key hash.
  • password and salt can be strings, lists of integers representing byte values or ByteArray objects.
  • GenerateDerivedKey[password] is equivalent to GenerateDerivedKey[password,Automatic]. If salt is not provided, it is randomly generated.
  • GenerateDerivedKey takes a Method option, which uses an Association to specify a key derivation function and parameters.
  • Typical settings for Method include:
  • "Function"key derivation function
    "Parameters"key derivation function parameters
  • Supported key derivation functions are: "scrypt", "Argon2d", "Argon2i", "Argon2id".
  • Parameters for the "scrypt" key derivation function are an Association, which includes:
  • "KeySize"64desired key length in bytes
    "N"2^15computational cost factor
    "r"8block size factor
    "p"1parallelization factor
  • The value of "N" must be an integer power of 2 greater than 1.
  • Parameters for the "Argon2" key derivation functions are an Association, which includes:
  • "KeySize"64desired key length in bytes
    "t"2number of iterations
    "m"2^16memory size to use in kibibytes
    "p"1parallelization factor
  • The value of "m" must be an integer power of 2.
  • To generate a cryptographically secure key, parameters of the key derivation function are usually adjusted for the computation on a specific computer to take just below a fraction of a second.

Examples

open all close all

Basic Examples  (13)

Generate derived key:

In[1]:=
Click for copyable input
Out[1]=

Generate derived key using password and salt:

In[1]:=
Click for copyable input
Out[1]=

Generate derived key using a list of integers as a password:

In[1]:=
Click for copyable input
Out[1]=

Generate derived key using ByteArray as a password:

In[1]:=
Click for copyable input
Out[1]=

Generate derived key using a list of integers as a salt:

In[1]:=
Click for copyable input
Out[1]=

Generate a derived key using specified key derivation function:

In[1]:=
Click for copyable input
Out[1]=

Specify a key derivation function:

In[1]:=
Click for copyable input
Out[1]=

Generate derived key using "scrypt" and specified parameters:

In[1]:=
Click for copyable input
Out[1]=

Generate derived key with specific parameters using password and salt:

In[1]:=
Click for copyable input
Out[1]=

Generate string representation of DerivedKey:

In[1]:=
Click for copyable input
Out[1]=
In[2]:=
Click for copyable input
Out[2]=

Construct DerivedKey from its string representation:

In[1]:=
Click for copyable input
Out[1]=

Generate a ByteArray from the password:

In[1]:=
Click for copyable input
Out[1]=

Specify a key derivation function and parameters:

In[1]:=
Click for copyable input
Out[1]=

Scope  (1)

Applications  (3)

Properties & Relations  (3)

Possible Issues  (3)

Introduced in 2019
(12.0)