Score:1

How to derive two keys from one password with Argon2id

bm flag

I'd like to derive two independent 256 bit keys for symmetric encryption from a user password. I'm using Argon2id as the password-based key derivation function. I'm planning to do the following:

  1. Generate a 256 bit random salt.
  2. Generate a 512 bit tag with Argon2id using the user's password and the salt.
  3. Take the first 256 bits of the 512 bit tag for the first key and the second 256 bits for the second key.

Does this produce two independent keys?

Note: this question answers in the positive for scrypt.

kelalaka avatar
in flag
[Using different salt is used for deriving more than one key from a password.](https://crypto.stackexchange.com/a/95957/18298) and note that [you cannot have more than 512-not security from Argon2](https://crypto.stackexchange.com/a/98514/18298)
Score:2
vn flag

Argon2 supports variable-length output, and all the output behaves as independent random bits. You can split the output up in any way you want. Note that the total security is no greater than 512 bits, but this is not a problem and a larger output does not cause the randomness to "stretch" and turn weak.

Using Argon2 to generate a variable-length output is equivalent to generating a single output and feeding it into HKDF to generate multiple keys, or feeding it into a XOF to expand it into more bytes.

See https://en.wikipedia.org/wiki/Argon2#Variable-length_hash_function

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.