Modular Crypt Format
Jump to navigation
Jump to search
A Key Derivation Function (KDF) is used to stretch user supplied key material to a specific size or sizes required by high level cryptographic primitives. A Password Based Key Derivation Function stretches a secret password or passphrase to a specific size required by some other cryptographic function. The most common use of KDFs is during password verification.
The table below shows some of the key derivation functions and their Modular Crypt Format. Not all of them are provided by the Crypto++ library, and the library provides more than is listed in the table.
Algorithm | Prefix† | Comment |
---|---|---|
HKDF | - | Generic extract-then-expand KDF |
Argon2 | - | Winner of the PHC |
Lyra2 | - | Not provided by Crypto++ |
scrypt | "$s2$" or "$rscrypt$" | Original "memory hard" KDF |
bcrypt | "$2y$" | Not provided by Crypto++ |
PBKDF2 | "$pbkdf2-sha256$" | - |
MD5 | "$1$" | Not recommended for use |
SHA1 | - | Not recommended for use |
NTHASH | "$3$" | Not recommended for use |
† The Modular Crypt Format prefix string for an algorithm always begins and ends with a dollar-sign symbol.