nfoWorks: tools for document interoperability

n120802 nfoWorks nfoNote
SHA1DKx Concept


 0.00 2017-06-14 20:22 -0700

SHA1DKx is a family of closely-related security primitives for producing derived keys from passwords or other shared keys.  The primary application for SHA1DKx is derivation of authentication codes for confirmation of a password entry. 

The SHA1DKx are also suitable for creation of authz160 tear-off authentication stubs that are not dependent on the password and cannot be attacked to discover the password.  In  this case, the portion of the authentication "ticket" that does depend on the password is not revealed.

The SHA1DKx procedures employ a salted, iterated digest along with an optional context-specific (and possibly-secret) inclusion that prevents the same password and salt from having the same derived key/authentication-code value in different contexts.  If SHA1DKx-derived authentication codes are not protected as secrets, the confidentiality of the password is not ensured.

SHA1DKx is essentially a profile of PBKDF2-SHA1 key derivation and can be used for derivation of cryptographic keys from passwords as well.  SHA1DKx rely on existing, well-known cryptographic primitives that are generally already available to applications where SHA1DKx is useful.

visits to popular nfoWorks pages

Locations of visitors to nfoWorks

More Information

Hamilton, Dennis E.
SHA1DKx Concept.   nfoWorks nfoNote folio n120802 0.00, September 5, 2012.  Accessed at <>.
Revision History:
0.01 2012-05-11-13:35 Placeholder
0.00 2012-09-02-14:17 Establish Placeholder for Pending Material
Also start a job jar page for recording work items for building more content. 

Construction Structure (Hard Hat Area)

Creative Commons License You are navigating nfoWorks.
This work is licensed under a
Creative Commons Attribution 2.5 License.

created 2012-08-29-15:17 -0700 (pdt) by orcmid
$$Author: Orcmid $
$$Date: 17-06-14 20:22 $
$$Revision: 115 $