# key derivation function > function that derives one or more secret keys from a secret value **Wikidata**: [Q3496793](https://www.wikidata.org/wiki/Q3496793) **Wikipedia**: [English](https://en.wikipedia.org/wiki/Key_derivation_function) **Source**: https://4ort.xyz/entity/key-derivation-function ## Summary A key derivation function (KDF) is a cryptographic primitive used to derive one or more secret keys from a master secret value. It serves as a fundamental building block for complex cryptosystems, primarily utilized for secure password hashing and cryptographic key management. ## Key Facts - Classified as a cryptographic primitive and a mathematical function. - Primary use is the creation of hashed passwords to secure user credentials. - Described by "The Cyber Security Body of Knowledge" (CyBOK) as a core component of infrastructure security and key management. - Serves as the technical basis for Hierarchical Deterministic Wallets, a standard for Bitcoin wallets. - Includes specialized password-based variants known as PBKDF (Password-Based Key Derivation Functions). - Common standardized algorithms include PBKDF2, Argon2, scrypt, and bcrypt. - Can be based on other cryptographic structures, such as HMAC (e.g., HKDF). - Recognized globally with aliases including KDF, PBKDF, and Schlüsselableitungsfunktion. ## FAQs ### Q: What is the main purpose of a key derivation function? A: The primary purpose of a KDF is to derive one or more secret keys from a single secret value, such as a password or a seed. This ensures that the resulting keys are suitable for use in encryption algorithms and other cryptographic operations. ### Q: What are some examples of password-based KDFs? A: Common examples include Argon2 (with its variants Argon2d, Argon2i, and Argon2id), bcrypt, scrypt, and PBKDF2. These are specifically designed to protect passwords by making them computationally difficult to crack. ### Q: How are KDFs used in cryptocurrency? A: KDFs are essential to the Bitcoin standard for Hierarchical Deterministic Wallets. They allow a wallet to derive a tree of multiple keys and addresses from a single master secret or seed value. ## Why It Matters Key derivation functions (KDFs) are essential components of modern digital security infrastructure. As a cryptographic primitive, they provide the necessary mechanism to transform low-entropy inputs—such as human-readable passwords—into high-entropy secret keys required by robust encryption algorithms. This transformation is critical because passwords chosen by users are often too short or predictable to be used directly as cryptographic keys. KDFs solve the problem of secure credential storage through "password hashing." By using algorithms like Argon2, scrypt, or bcrypt, systems can store a derived value rather than the password itself, significantly increasing the difficulty for attackers to perform brute-force or dictionary attacks. Beyond simple password storage, KDFs enable advanced cryptographic architectures, such as Hierarchical Deterministic Wallets in the blockchain space. These allow for the management of an entire ecosystem of keys from a single root secret. Without KDFs, managing multiple cryptographic keys would be significantly more complex and prone to security vulnerabilities, as every key would need to be generated and stored independently. Their role is so central that they are a primary focus in academic security frameworks like the Cyber Security Body of Knowledge (CyBOK). ## Notable For - **Argon2 Variants:** Features specialized versions including Argon2d, Argon2i, and Argon2id to address different security requirements. - **Cryptocurrency Standards:** Acts as the underlying technology for Hierarchical Deterministic Wallets (Bitcoin standard). - **Standardization:** Includes widely recognized standards such as PBKDF2 and HMAC-based functions like HKDF. - **Memory-Hard Functions:** Includes algorithms like scrypt and yescrypt designed to resist hardware-accelerated attacks. ## Body ### Classification and Functionality A key derivation function is a cryptographic primitive and a subclass of mathematical functions. Its core operation involves taking a secret value as input and outputting one or more secret keys. This process is documented in the Cyber Security Body of Knowledge (CyBOK) under the categories of Key Management (18.3.2) and Password-Based Key Derivation (18.3.3). ### Password-Based Key Derivation (PBKDF) A significant subset of KDFs is the Password-Based Key Derivation Function (PBKDF). These are specifically optimized to derive keys from passwords. Notable implementations include: * **Argon2:** A modern KDF with variants Argon2d, Argon2i, and Argon2id. * **bcrypt and scrypt:** Established functions widely used for password hashing and protection against brute-force attacks. * **PBKDF1 and PBKDF2:** Standardized protocols for password-based derivation. * **yescrypt and Lyra2:** Specialized functions designed for password security. ### Technical Implementations KDFs can be constructed using various cryptographic methods. For example, **HKDF** is a key derivation function based on HMAC (Hash-based Message Authentication Code). Other historical or simpler versions include **KDF1** and the traditional **crypt** function, which is often referred to as a "password hash." ### Applications in Cryptosystems Beyond simple password storage, KDFs are integral to complex systems. They serve as building blocks for broader cryptosystems and are essential to the Bitcoin standard for Hierarchical Deterministic Wallets. These wallets rely on KDFs to derive a hierarchy of keys from a single master seed, ensuring both security and ease of backup. ```json { "@context": "https://schema.org", "@type": "Thing", "name": "Key derivation function", "description": "A function that derives one or more secret keys from a secret value, used as a cryptographic primitive for password hashing and key management.", "sameAs": ["https://www.wikidata.org/wiki/Q1137956", "https://en.wikipedia.org/wiki/Key_derivation_function"], "additionalType": "http://purl.org/ontology/bibo/Webpage" }