What is Key Derivation?

Human-chosen passwords are inherently weak as cryptographic keys. They are short, have limited character sets, and follow predictable patterns. A key derivation function (KDF) bridges this gap by processing the password through a computationally intensive algorithm that outputs a fixed-length key suitable for encryption.

Key derivation functions are deliberately designed to be slow and resource-intensive. This is counterintuitive for most software, where speed is valued, but for KDFs, slowness is a security feature. An attacker trying to brute-force a password must run the KDF for each guess. If the KDF takes 100 milliseconds per attempt, trying a billion passwords would take over three years — compared to seconds with a fast hash function.

Common KDFs include PBKDF2, bcrypt, scrypt, and Argon2. Each balances different resources (CPU time, memory, parallelism) to resist different attack strategies. The choice of KDF depends on the environment: browser-based applications typically use PBKDF2 because it is available via the Web Crypto API, while server-side applications may prefer Argon2 for its memory-hardness.

How Vaulted uses Key Derivation

When you set an optional passphrase on a secret, Vaulted uses key derivation to turn that passphrase into a wrapping key. Specifically, it runs PBKDF2 with 100,000 iterations, SHA-256, and a random 16-byte salt via the Web Crypto API. The derived key is used with AES-KW to wrap the original AES-256-GCM encryption key. The recipient must enter the same passphrase to derive the same wrapping key and unwrap the encryption key before decrypting the secret.