I would like to generate a key which would be good enough to be used for encryption with AES in a mobile environment. My idea is to use as a seed ''random attributes'' from a mobile device. Is hashing first this seed using HMAC construction (with some salt which is also random but public) and then use a HMAC-based Key Derivation function secure and efficient?
Asked
Active
Viewed 954 times
1 Answers
3
If you have plenty entropy in your "seed" then just use a KBKDF such as HKDF. If you have somewhat less, use a PBKDF such as PBKDF2. Both HKDF and PBKDF2 can take a salt as input parameter and are already using a HMAC internally.
There is no need to perform a HMAC beforehand. If you do, you would have to specify what data is used as key for the HMAC primitive.
If you just need a random key, use a well seeded CSPRNG (possibly just the one that the runtime supplies, the OS usually has most access to entropy sources).
Maarten Bodewes
- 96,351
- 14
- 169
- 323