Key derivation

Purpose

BLAKE2b can be used as a key derivation function (KDF) for high-entropy keys. It takes the following parameters to produce 256 to 512 bits of output keying material:

  • 256 to 512 bits of input keying material (e.g. a shared secret).

  • A 128-bit personalization constant (e.g. an application/protocol name).

  • A 128-bit salt (e.g. a counter or random data).

  • Optional contextual info of any length (e.g. an explanation of what the key will be used for).

This allows you to derive new, distinct keys from a high-entropy master key. For example, you can derive separate keys for encryption and authentication in an Encrypt-then-MAC construction by changing the personalization constant, salt, and/or info between the two derivations.

Usage

DeriveKey

Fills a span with output keying material computed from input keying material, a personalization constant, a salt, and optional additional contextual info.

BLAKE2b.DeriveKey(Span<byte> outputKeyingMaterial, ReadOnlySpan<byte> inputKeyingMaterial, ReadOnlySpan<byte> personalization, ReadOnlySpan<byte> salt = default, ReadOnlySpan<byte> info = default)

Exceptions

ArgumentOutOfRangeException

outputKeyingMaterial has a length less than MinKeySize or greater than MaxKeySize.

ArgumentOutOfRangeException

inputKeyingMaterial has a length less than MinKeySize or greater than MaxKeySize.

ArgumentOutOfRangeException

personalization has a length not equal to PersonalSize.

ArgumentOutOfRangeException

salt has a length greater than 0 but not equal to SaltSize.

CryptographicException

The key could not be derived.

Constants

These are used for validation and/or to save you from defining your own constants.

public const int KeySize = 32;
public const int SaltSize = 16;
public const int PersonalSize = 16;
public const int MinKeySize = 32;
public const int MaxKeySize = 64;
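Putting the parameters above together, the following is an added example (not code from this page or from the library's own documentation) that derives separate encryption and MAC keys for Encrypt-then-MAC from one master key. It assumes the library is exposed under a `Geralt` namespace, and the label-to-personalization padding and the counter-based salt are this example's own choices.

```csharp
using System;
using System.Buffers.Binary;
using System.Security.Cryptography;
using System.Text;
using Geralt; // assumed namespace for the library that exposes BLAKE2b.DeriveKey

public static class SubkeyDerivation
{
    // Builds the 16-byte personalization constant from a short ASCII label.
    // DeriveKey requires exactly PersonalSize bytes, so the label is zero-padded;
    // longer labels are rejected rather than silently truncated.
    private static byte[] Personalization(string label)
    {
        byte[] raw = Encoding.ASCII.GetBytes(label);
        if (raw.Length > BLAKE2b.PersonalSize)
            throw new ArgumentException("Label must be at most 16 bytes.", nameof(label));
        byte[] personal = new byte[BLAKE2b.PersonalSize];
        raw.CopyTo(personal, 0);
        return personal;
    }

    // Derives one 32-byte subkey. The salt is a little-endian 64-bit counter padded
    // to SaltSize, so rotating a subkey only requires incrementing the counter.
    public static byte[] Derive(ReadOnlySpan<byte> masterKey, string purpose, ulong counter, ReadOnlySpan<byte> info)
    {
        if (masterKey.Length < BLAKE2b.MinKeySize || masterKey.Length > BLAKE2b.MaxKeySize)
            throw new ArgumentOutOfRangeException(nameof(masterKey), "Master key must be 32 to 64 bytes.");
        Span<byte> salt = stackalloc byte[BLAKE2b.SaltSize];
        BinaryPrimitives.WriteUInt64LittleEndian(salt, counter);
        byte[] subkey = new byte[BLAKE2b.KeySize];
        BLAKE2b.DeriveKey(subkey, masterKey, Personalization(purpose), salt, info);
        return subkey;
    }

    public static void Main()
    {
        // Constructed master key for the demo; in practice this is the shared secret.
        byte[] masterKey = new byte[BLAKE2b.KeySize];
        RandomNumberGenerator.Fill(masterKey);
        byte[] info = Encoding.UTF8.GetBytes("example.app v1 session keys");

        // Encrypt-then-MAC needs two independent keys: the purpose label changes the
        // personalization constant, so the outputs differ even with the same salt and info.
        byte[] encryptionKey = Derive(masterKey, "app-encrypt", 1, info);
        byte[] macKey = Derive(masterKey, "app-mac", 1, info);
        Console.WriteLine(encryptionKey.AsSpan().SequenceEqual(macKey) ? "keys collide" : "distinct keys");

        // Wipe the master key once the subkeys have been derived.
        CryptographicOperations.ZeroMemory(masterKey);
    }
}
```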

Notes