Modular Crypt Format

From Crypto++ Wiki
Jump to navigation Jump to search

A Key Derivation Function (KDF) is used to stretch user supplied key material to a specific size or sizes required by high level cryptographic primitives. A Password Based Key Derivation Function stretches a secret password or passphrase to a specific size required by some other cryptographic function. The most common use of KDFs is during password verification.

The table below shows some of the key derivation functions and their Modular Crypt Format. Not all of them are provided by the Crypto++ library, and the library provides more than is listed in the table.

Algorithm Prefix Comment
HKDF - Generic extract-then-expand KDF
Argon2 - Winner of the PHC
Lyra2 - Not provided by Crypto++
scrypt "$s2$" or "$rscrypt$" Original "memory hard" KDF
bcrypt "$2y$" Not provided by Crypto++
PBKDF2 "$pbkdf2-sha256$" -
MD5 "$1$" Not recommended for use
SHA1 - Not recommended for use
NTHASH "$3$" Not recommended for use

The Modular Crypt Format prefix string for an algorithm always begins and ends with a dollar-sign symbol.

Further reading