How to derive two keys from one password with Argon2id

Agost Biro

8/1/23, 4:13 PM

I'd like to derive two independent 256 bit keys for symmetric encryption from a user password. I'm using Argon2id as the password-based key derivation function. I'm planning to do the following:

Generate a 256 bit random salt.
Generate a 512 bit tag with Argon2id using the user's password and the salt.
Take the first 256 bits of the 512 bit tag for the first key and the second 256 bits for the second key.

Does this produce two independent keys?

Note: this question answers in the positive for scrypt.

0 + 0

encryption

key-derivation

argon2

kelalaka

8/1/23, 9:18 PM

[Using different salt is used for deriving more than one key from a password.](https://crypto.stackexchange.com/a/95957/18298) and note that [you cannot have more than 512-not security from Argon2](https://crypto.stackexchange.com/a/98514/18298)

Score:2

Crypto

forest

8/1/23, 10:06 PM

Argon2 supports variable-length output, and all the output behaves as independent random bits. You can split the output up in any way you want. Note that the total security is no greater than 512 bits, but this is not a problem and a larger output does not cause the randomness to "stretch" and turn weak.

Using Argon2 to generate a variable-length output is equivalent to generating a single output and feeding it into HKDF to generate multiple keys, or feeding it into a XOF to expand it into more bytes.

See https://en.wikipedia.org/wiki/Argon2#Variable-length_hash_function

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to derive two keys from one password with Argon2id

TH: วิธีรับสองคีย์จากรหัสผ่านเดียวด้วย Argon2id

RO: Cum să obțineți două chei dintr-o singură parolă cu Argon2id

RU: Как получить два ключа из одного пароля с помощью Argon2id

VI: Cách lấy hai khóa từ một mật khẩu với Argon2id

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.