Key Derivation Function

A Key Derivation Function (KDF) is a cryptographic algorithm that transforms a master secret, password, or seed into one or more derived cryptographic keys suitable for encryption, signing, or authentication. KDFs apply computational hardness through iterative hashing and salt parameters to slow brute-force attacks, making them essential for converting weak user passwords into strong keys. Common KDFs include PBKDF2, bcrypt, and Argon2, each offering different trade-offs between security, speed, and memory usage. They are fundamental to wallet security, where a single seed phrase generates an entire hierarchy of private keys for managing multiple cryptocurrency accounts. Example: BIP-39 hierarchical deterministic wallets use PBKDF2 as a key derivation function to convert a 12 or 24-word seed phrase into the master private key, from which all Bitcoin and Ethereum account keys are derived. Why it matters for privacy technology: KDFs prevent attackers from easily recovering cryptographic keys from passwords or seeds, protecting user funds and privacy even if the master secret is partially compromised or weak.

Category: privacy technology, wallets security

Explore the full Web3 Glossary — 2,062+ expert-curated definitions. Need guidance? Talk to our consultants.