What is HKDF (HKDF)?
HKDF is HMAC-based Extract-and-Expand key derivation function by Krawczyk and Eronen. HKDF is state of the art and used in protocols like IPsec. The Crypto++ implementation is from Cryptographic Extraction and Key Derivation: The HKDF Scheme and RFC 5869, HMAC-based Extract-and-Expand Key Derivation Function (HKDF) .
What is the crypto++ implementation of HKDF?
The Crypto++ implementation is from Cryptographic Extraction and Key Derivation: The HKDF Scheme and RFC 5869, HMAC-based Extract-and-Expand Key Derivation Function (HKDF) . HKDF provides the KeyDerivationFunction interface rather than the MessageAuthenticationCode interface.
How does HKDF extract a PRK?
HKDF extracts a pseudorandom key (PRK) using an HMAC hash function (e.g. HMAC – SHA256) on an optional salt (acting as a key) and any potentially weak input key material (IKM) (acting as data).
What is KDF in crypto++?
The KDF interface consists of a default constructor and a method DeriveKey which derives a user key form the parameters. All Crypto++ hashes derive from HashTransformation. The base class provides functions like Update, Final and Verify. You can swap-in any hash for any other hash in your program.