LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

How can a block cipher be used as a pseudorandom function (PRF) or for key derivation (KDF)?

By encrypting a counter or label with a secret key, a block cipher can generate pseudorandom output suitable for deriving multiple keys from a single master key.

A KDF derives K_enc, K_mac, K_iv from one master secret

* A KDF splits one master secret into separate purpose-specific keys, giving domain separation. *

Block cipher as PRF:

Output_i = E(K, i)    (encrypt counter values 0, 1, 2, ...)

This produces a sequence of pseudorandom blocks, similar to CTR mode but used for key generation rather than encryption.

Key Derivation Function (KDF):

  • Input: a master key K_master
  • Output: multiple derived keys for different purposes
  • Example: K_enc = E(K_master, 1), K_mac = E(K_master, 2), K_iv = E(K_master, 3)

Why use a KDF?

  • Never use the same key for multiple purposes
  • A single shared secret (from key exchange) needs to produce multiple keys
  • KDFs add domain separation — even if one derived key is compromised, others remain safe

Standard KDFs:

  • HKDF (HMAC-based) — most common in TLS
  • NIST SP 800-108 — uses block ciphers or HMAC
  • PBKDF2 — for password-based key derivation (adds salt and iterations)

Go deeper:

From Quiz: KRYPTOG / Symmetric Cryptography | Updated: Jul 14, 2026