Score:1

Is it reasonable to use DRBG and PBKDF together?

pe flag

I want to generate a random number using DRBG with below follow: Entropy source -> DRBG -> PBKDF

adding PBKDF is redundant ?

Score:3
si flag

A PBKDF is a password-based key derivation function. The output of a DRBG is NOT a password.

A DRBG's output could be used as an input to a key derivation function, if (and only if) that DRBG is cryptographically secure (AKA a CSPRNG). For example RSA requires picking two large prime numbers randomly, and CSPRNGs are used to supply data for RSA KDFs.

It's often useless to use a standard KDF to generate symmetric keys based on the output of a DRBG. If the DRBG isn't a CSPRNG, the output isn't secure. If it is, the KDF is unnecessary, one could just generate more bits! The exception is with "ratcheting" schemes where a KDF is used on a previous key and some other data to derive the next key key. The first key in the sequence might have been generated with the use of a CSPRNG.

Maarten Bodewes avatar
in flag
I agree mostly, but generating a master secret (using a DRBG) and then deriving additional keys using a KBKDF would be a fine practice.
SAI Peregrinus avatar
si flag
Agreed. I try to get at this with the last paragraph: it's not generally necessary, but it can be useful, particularly for ratchet schemes.
Maarten Bodewes avatar
in flag
I could also see it useful if there are multiple ways that a master secret can be formed, not just generation using a PRNG.
Score:0
kr flag

I assume you use a secure DRBG.

If you have little entropy, e.g. 8 bits per request, then the results of DRBG will be easily predictable. Knowing a few values previous numbers can allow to predict further numbers.

Applying PBKDF does not help. And for PBKDF (if you mean PBKDF2, Argon, Makwa, scrypt etc.) you will normally need further random number, means you will need further entropy. Better is to us this entropy in DRBG directly.

If DRBG is secure and accepts sufficiently long input/seed, collect sufficient entropy, e.g. 128 bit, and use pure DRBG.

Andy avatar
pe flag
Yes, entropy source are from TRNG and use secure DRBG.
kr flag
@Andy: Then just collect sufficient entropy (depending on what you consider secure for your purpose, e.g. 128 bit), and use pure DRBG.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.