Creating An Encryption Key from a Passphrase
I’ve lost count of the number of programs I’ve reviewed where a hashing method has been used to generate an encryption key from a passphrase. Overall this is not good practice, as it can be relatively easy to crack the encryption key, and there are flaws in the way that many of the hashing methods create a hash value. For example, MD5, SHA-1 and SHA-256 have fundamental weaknesses related to the length extension attack [here]. To overcome these problems we can use a KDF (Key Derivation Function), and one of the most useful is the HMAC version: HKDF (HMAC Key Derivation Function).
Within HKDF we can use most of the standard hashing methods to generate an encryption key of a given length. For a 128-bit key, we would generate 16 bytes, for a 192-bit key we would generate 24 bytes, and for a 256-bit key, we would generate 32 bytes. A 512-bit key would need 64 bytes. The HKDF copes with this, in having a variable-length output, whereas most hashing functions only produce a fixed-length output. MD5, for example, has a 128-bit output, SHA-1 has 160 bits, and SHA-256 has 256 bits.
HKDF
One of the most widely used cryptography integrations into Python is cryptography. This has a number of KDF methods in the Hazmat primitives. In this case, we will generate a number of outputs for HKDF and also for scrypt and PBKDF2. Overall…
