How We Generate Encryption Keys From Pass Phrases

Prof Bill Buchanan OBE FRSE
Published in Coinmonks · 3 min read · Aug 8, 2018

Humans like words, and computers like binary, so we need ways to generate encryption keys from something we can remember. One method is to use a Key Derivation Function (KDF).

One such method is HKDF, which is an HMAC-based method for key derivation. HKDF first creates a pseudorandom key (PRK) from a pass phrase and a salt value (and any other relevant random input), using an HMAC hash function (such as HMAC-SHA256). Next, the PRK is used to produce a key of the required length. If we generate a 16-byte output (32 hex characters), we have a 128-bit key, and a 32-byte output (64 hex characters) gives a 256-bit key. HKDF is used in TLS 1.3 for generating encryption keys.

A sample run is:

Message:	hello123
Salt: 8e94ef805b93e683ff18
===================
PRK: e229a4a30ea99b3bac27d233cef0d1feb4be4dcf6531f86d9ce521f9b5af19324fdeb74622bbb52353563cbd37a552c615daf696541f461428aaa39481c60559
Key: e786fca9472ab083e5bb84c55fe6b581

The output of the first stage is the pseudorandom key. In this case we have a key of “e786fca9472ab083e5bb84c55fe6b581”, which is 32 hex characters and is thus 128 bits (16 bytes).

An outline of the code is:

import sys
from binascii…
