Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/carlosmakin/hkdf
An implementation of the HMAC-based Key Derivation Function (HKDF) mechanism as per RFC 5869.
https://github.com/carlosmakin/hkdf
dart hkdf hmac rfc5869
Last synced: 6 days ago
JSON representation
An implementation of the HMAC-based Key Derivation Function (HKDF) mechanism as per RFC 5869.
- Host: GitHub
- URL: https://github.com/carlosmakin/hkdf
- Owner: carlosmakin
- Created: 2024-01-29T06:55:48.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2024-08-17T05:55:48.000Z (3 months ago)
- Last Synced: 2024-08-17T06:48:09.687Z (3 months ago)
- Topics: dart, hkdf, hmac, rfc5869
- Language: Dart
- Homepage:
- Size: 6.84 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
Awesome Lists containing this project
README
## HKDF 🔑
### Overview
This Dart repository implements the HMAC-based Key Derivation Function (HKDF) as defined in [RFC 5869](https://www.rfc-editor.org/rfc/rfc5869). HKDF is a key derivation mechanism used to generate strong cryptographic keys from weaker input key material (IKM), suitable for a wide range of cryptographic applications.
### HKDF
HKDF combines a hash-based message authentication code (HMAC) with an extraction and expansion process, ensuring the generation of strong, high-entropy keys. It's highly adaptable and secure, making it an excellent choice for various key derivation needs.
#### Key Features:
- **Robust Security**: Resistant to common cryptographic attacks, ensuring the generation of secure keys.
- **Flexibility**: Suitable for a variety of applications, offering customizable key derivation.
- **Configurable Hash Function**: Can be used with different hash functions to fit specific security requirements.
#### Best Practices:
- Utilize a cryptographically strong hash function.
- Employ a non-empty salt for improved security, particularly when the quality of the input key material is in question.
### Background and History
HKDF, as standardized in RFC 5869, is a straightforward yet effective tool for cryptographic key derivation, built on the principles of HMAC-based extraction and expansion of keys.
### RFC 5869
RFC 5869 details the implementation, usage, and security considerations for HKDF, promoting its consistent and secure application in cryptographic systems.
## Usage Examples
### Real-World Use Case: Secure Key Derivation
**Scenario**: Generating a strong encryption key from a password.
```dart
import 'dart:typed_data';
import 'package:hkdf/hkdf.dart';
Uint8List password = ...; // User-provided password
Uint8List salt = ...; // A unique salt
Uint8List info = ...; // Optional application-specific information
// Extract phase
Uint8List prk = HKDF.extract(sha256, password, salt);
// Expand phase
Uint8List strongKey = HKDF.expand(sha256, prk, 32, info);
// Use strongKey for cryptographic purposes
```
### Real-World Use Case: Establishing a Secure Channel
**Scenario**: Deriving keys for secure communication in a client-server model.
```dart
import 'dart:typed_data';
import 'package:hkdf/hkdf.dart';
Uint8List sharedSecret = ...; // Shared secret from a key exchange protocol
Uint8List salt = ...; // A unique salt
Uint8List info = ...; // Optional application-specific information
// Extract phase
Uint8List prk = HKDF.extract(sha256, sharedSecret, salt);
// Expand phase to derive specific keys
Uint8List encryptionKey = HKDF.expand(sha256, prk, 32, info);
// Use encryptionKey for encrypting communication
```
## Contribution
Contributions to improve the implementation, enhance security, and extend functionality are welcome. If you find any issues or have suggestions, please feel free to open an issue or submit a pull request.