Key Derivation
Key derivation generates cryptographic keys from a password or seed using key derivation functions (KDFs) such as PBKDF2, scrypt, or Argon2, which make each brute-force guess expensive and so protect wallet keys.
What Is Key Derivation?
Key derivation is a cryptographic process that generates one or more secret keys from a primary secret, such as a password, passphrase, or random seed. Developers use key derivation functions (KDFs) to transform weak or low-entropy inputs into strong, unpredictable keys suitable for encryption or signing. The derived key is only as hard to recover as the input's entropy plus the work the KDF forces on every guess.
Password-based key derivation works by applying a deliberately slow, computationally intensive function to the input. It combines the secret with a unique salt (random data, so that equal passwords yield different keys and precomputed tables are useless) and performs thousands of iterations. For example, PBKDF2 (Password-Based Key Derivation Function 2) runs HMAC (commonly HMAC-SHA256 or HMAC-SHA512) in a loop, feeding each output back in and XORing the results together. Modern alternatives like scrypt or Argon2 add memory hardness, so GPU- and ASIC-accelerated guessing gains far less. This key stretching raises the cost of every guess; it is what low-entropy inputs such as passwords need, whereas a high-entropy seed only needs a fast KDF such as HKDF.
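The loop described above, written out as an added example (not code from the original page): PBKDF2 exactly as RFC 8018 specifies it, built on the standard library's `hmac`, plus the offline dictionary attack that key stretching is meant to slow. The salt and the wordlist are constructed sample data; `matches_stdlib` compares the hand-written version against `hashlib.pbkdf2_hmac` so the two can be checked against each other.

```python
import hashlib
import hmac
import struct
import time


def pbkdf2(prf_hash: str, password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """PBKDF2 written out as in RFC 8018 section 5.2.

    Each output block T_i is the XOR of a chain of `iterations` HMAC calls, and
    every call depends on the previous one, so there is no shortcut: defender
    and attacker both pay `iterations` HMACs per block per guess.
    """
    hlen = hashlib.new(prf_hash).digest_size
    nblocks = -(-dklen // hlen)  # ceil(dklen / hlen)
    out = bytearray()
    for i in range(1, nblocks + 1):
        # U_1 = PRF(P, S || INT(i)), INT(i) being the 4-byte big-endian block index
        u = hmac.new(password, salt + struct.pack(">I", i), prf_hash).digest()
        t = int.from_bytes(u, "big")
        # U_j = PRF(P, U_{j-1});  T_i = U_1 xor U_2 xor ... xor U_c
        for _ in range(iterations - 1):
            u = hmac.new(password, u, prf_hash).digest()
            t ^= int.from_bytes(u, "big")
        out += t.to_bytes(hlen, "big")
    return bytes(out[:dklen])


def matches_stdlib(prf_hash: str, password: bytes, salt: bytes, iterations: int, dklen: int) -> bool:
    """Cross-check the hand-written loop against the C implementation in hashlib."""
    return pbkdf2(prf_hash, password, salt, iterations, dklen) == hashlib.pbkdf2_hmac(
        prf_hash, password, salt, iterations, dklen
    )


def offline_dictionary_attack(prf_hash, salt, iterations, dklen, target, candidates):
    """Offline attack against a stored derived key: the attacker holds salt and
    parameters (they are not secret) and must run the full KDF per candidate."""
    for cand in candidates:
        guess = pbkdf2(prf_hash, cand.encode("utf-8"), salt, iterations, dklen)
        if hmac.compare_digest(guess, target):
            return cand
    return None


def seconds_per_guess(prf_hash: str, iterations: int) -> float:
    """Wall-clock cost of one guess; the attacker's cost scales linearly with it."""
    start = time.perf_counter()
    pbkdf2(prf_hash, b"candidate", b"\x00" * 16, iterations, 32)
    return time.perf_counter() - start


if __name__ == "__main__":
    salt = bytes.fromhex("0123456789abcdef0123456789abcdef")  # constructed sample salt
    stored = pbkdf2("sha256", b"hunter2", salt, 100_000, 32)
    wordlist = ["password", "letmein", "hunter2"]  # constructed sample wordlist
    print("recovered:", offline_dictionary_attack("sha256", salt, 100_000, 32, stored, wordlist))
    for c in (1, 1000, 100_000):
        print(f"{c:>7} iterations: {seconds_per_guess('sha256', c) * 1000:.2f} ms per guess")
```

Raising the iteration count is the only knob PBKDF2 has, and it costs the legitimate user exactly as much as it costs the attacker per guess; the attacker's advantage is that a GPU runs thousands of these chains in parallel, which is the gap scrypt and Argon2 close with memory hardness.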
Key derivation matters in cryptocurrency because wallets derive their master seed from a BIP39 mnemonic (with PBKDF2) and their file-encryption keys from user passwords. It protects funds against offline attacks, where an attacker who holds the encrypted wallet file or the seed phrase can test password or passphrase guesses at full speed. Without it, weak passwords fall to dictionary attacks in seconds; with it, every guess costs the attacker the full KDF work, although no KDF rescues a password that is only a few thousand guesses away.
Common types include:
- PBKDF2: Iteration-based and CPU-only, so GPUs and ASICs parallelize guessing well; still the standard choice in BIP39 and in FIPS-approved contexts.
- scrypt: Memory-hard; each guess needs about 128 × r × N bytes of RAM, which raises the cost of GPU and ASIC attacks at interactive parameters (N=16384, r=8), although low-parameter scrypt as used by Litecoin has ASICs.
- Argon2: Winner of the Password Hashing Competition (2015); the Argon2id variant balances CPU time, memory, and parallelism and is the recommended choice for new designs (RFC 9106).
Real-World Examples
Example 1: BIP39 Mnemonic Seed in Wallets
Users generate a 12- or 24-word mnemonic seed phrase. Wallet software applies PBKDF2 with 2048 iterations of HMAC-SHA512 to the NFKD-normalized phrase, using the string "mnemonic" followed by the optional passphrase as the salt, to produce a 512-bit seed. The BIP32 master private key and chain code are then derived from that seed with HMAC-SHA512 keyed with the string "Bitcoin seed".
mnemonic → PBKDF2-HMAC-SHA512(password=mnemonic, salt="mnemonic" + passphrase, iterations=2048, dkLen=64) → 512-bit seed → BIP32 master key
Brute-forcing the phrase itself is infeasible because of its 128 to 256 bits of entropy, not because of the 2048 iterations, which add only about 11 bits of work per guess. The stretching mainly matters for the passphrase: an attacker who already has the phrase pays 2048 HMAC computations for every passphrase guess.
Example 2: Hardware Wallet Passphrase (BIP39)
Ledger or Trezor users enter an optional passphrase alongside the seed. The device feeds it into the same PBKDF2 step as the salt suffix, so each passphrase yields a different, equally valid wallet; the wallet behind the empty passphrase can serve as a decoy (plausible deniability).
seed phrase + "mysecretpass" → PBKDF2-HMAC-SHA512 → hidden wallet keys
This protects funds if the device and the written-down seed phrase are seized but the passphrase is not. The passphrase is stored nowhere and a wrong one produces no error, only an empty wallet, so a forgotten or mistyped passphrase means lost access; it also needs real entropy, because an attacker holding the phrase can test passphrase guesses offline.
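Examples 1 and 2 as one added, runnable example (not code from the original page or from any wallet vendor): the BIP39 seed derivation with NFKD normalization and the "mnemonic" + passphrase salt, the BIP32 master-key step, the hidden-wallet scheme as a set of passphrases over one phrase, and the offline passphrase attack that stretching slows. The phrase used is the BIP39 specification's all-"abandon" test vector; the passphrases and candidate list are constructed sample data.

```python
import hashlib
import hmac
import unicodedata

BIP39_ITERATIONS = 2048   # fixed by the BIP39 specification
BIP39_SEED_BYTES = 64     # 512-bit seed


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: mnemonic (+ optional passphrase) -> 512-bit seed.

    Both strings are NFKD-normalised. The PBKDF2 *salt* is the literal string
    "mnemonic" followed by the passphrase; the mnemonic is the *password*.
    Words are expected to be joined by single ASCII spaces.
    """
    pw = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", pw, salt, BIP39_ITERATIONS, BIP39_SEED_BYTES)


def bip32_master_key(seed: bytes):
    """BIP32 master node: I = HMAC-SHA512(key="Bitcoin seed", data=seed).
    Returns (I_L, I_R): I_L is the master private key, I_R the chain code.
    (BIP32 also requires 0 < I_L < n for the secp256k1 order n; that check is
    omitted here because it fails only with negligible probability.)"""
    i = hmac.new(b"Bitcoin seed", seed, "sha512").digest()
    return i[:32], i[32:]


def hidden_wallets(mnemonic: str, passphrases):
    """One phrase, many wallets: every passphrase (including "") gives an
    independent master key, which is what the decoy/hidden wallet scheme on
    hardware wallets relies on."""
    return {p: bip32_master_key(bip39_seed(mnemonic, p))[0] for p in passphrases}


def passphrase_attack(mnemonic: str, target_master_key: bytes, candidates):
    """The realistic threat: the attacker already has the phrase (seized backup)
    and guesses the passphrase offline, paying 2048 HMAC-SHA512 per guess."""
    for cand in candidates:
        key, _ = bip32_master_key(bip39_seed(mnemonic, cand))
        if hmac.compare_digest(key, target_master_key):
            return cand
    return None


if __name__ == "__main__":
    phrase = " ".join(["abandon"] * 11 + ["about"])  # BIP39 test-vector phrase
    wallets = hidden_wallets(phrase, ["", "decoy", "mysecretpass"])  # constructed passphrases
    for p, key in wallets.items():
        print(f"passphrase={p!r:16} master key={key.hex()[:16]}...")
    print("recovered:", passphrase_attack(phrase, wallets["mysecretpass"],
                                          ["", "password", "mysecretpass"]))
```

Two things the output makes concrete: the empty passphrase is just another passphrase (the decoy wallet is not special), and a wrong passphrase is silently accepted and yields a different, empty wallet, which is why a passphrase must be backed up as carefully as the phrase.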
Example 3: Password-Protected Software Wallets
A desktop wallet that encrypts its wallet file with a user password must turn that password into the file-encryption key with a password-based KDF. With scrypt at interactive parameters each guess costs about 16 MiB of memory and tens of milliseconds, which blunts GPU cracking; the random salt and the cost parameters are stored in the clear next to the ciphertext so the key can be re-derived.
password + salt → scrypt(N=16384, r=8, p=1) → AES key
This does not make a weak password strong; it multiplies the attacker's cost per guess, so a password that is a million guesses away stays crackable while a long passphrase becomes impractical.
Example 4: Argon2 in Modern Applications
Newer wallets and password managers derive keys from passwords with Argon2id. Its time, memory, and parallelism parameters are tuned together to thwart ASIC and multi-core attacks; RFC 9106 recommends t=1, p=4 and 2 GiB of memory where that much is available, or t=3, p=4 and 64 MiB otherwise. In practice the derived key encrypts the stored seed rather than serving as the signing key itself, since a key derived only from a password is only as strong as that password.
password + salt → Argon2id(t=3, m=1 GiB) → key that encrypts the stored seed
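An added example for Examples 3 and 4 (not code from the original page or from any wallet project): the unsalted fast-hash anti-pattern beside the scrypt-based file-key derivation, with the salt and cost parameters carried in a clear-text header next to the ciphertext, and a measurement of how much each guess now costs an offline attacker. The header layout is a hypothetical one chosen for illustration. Argon2id would plug into the same `derive_file_key` seam with only the KDF call changed; it is not in Python's standard library, so scrypt is the KDF exercised here.

```python
import hashlib
import os
import time

# scrypt "interactive" parameters from Percival's paper: 128 * r * N = 16 MiB per guess.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
KEY_BYTES = 32  # AES-256 file-encryption key


def weak_file_key(password: str) -> bytes:
    """The anti-pattern: unsalted, single-pass SHA-256. Identical passwords
    give identical keys in every wallet file, precomputed tables apply, and a
    GPU tests billions of candidates per second."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def derive_file_key(password: str, header: dict) -> bytes:
    """Re-derive the key from the password and the stored KDF header."""
    if header["kdf"] != "scrypt":
        raise ValueError("unsupported KDF: %r" % header["kdf"])
    return hashlib.scrypt(
        password.encode("utf-8"),
        salt=bytes.fromhex(header["salt"]),
        n=header["n"], r=header["r"], p=header["p"],
        dklen=KEY_BYTES,
    )


def new_file_key(password: str, n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P):
    """Derive a fresh key for a new wallet file. Returns (header, key).

    The header (KDF name, cost parameters, 16-byte random salt; hypothetical
    layout) is stored in the clear next to the ciphertext: it is not secret,
    it lets the wallet re-derive the key, and it lets the parameters be raised
    for new files as hardware gets faster without breaking old ones."""
    header = {"kdf": "scrypt", "n": n, "r": r, "p": p, "salt": os.urandom(16).hex()}
    return header, derive_file_key(password, header)


def per_guess_cost_ratio(samples: int = 3) -> float:
    """How many SHA-256 guesses fit in the time of one scrypt guess on this
    machine: the factor by which stretching raises an offline attacker's cost."""
    header, _ = new_file_key("calibration")
    t0 = time.perf_counter()
    for _ in range(samples):
        derive_file_key("guess", header)
    slow = (time.perf_counter() - t0) / samples
    fast_runs = samples * 1000
    t0 = time.perf_counter()
    for _ in range(fast_runs):
        weak_file_key("guess")
    fast = max((time.perf_counter() - t0) / fast_runs, 1e-9)
    return slow / fast


if __name__ == "__main__":
    header, key = new_file_key("correct horse battery staple")  # constructed sample password
    print("header stored with ciphertext:", header)
    print("key re-derived:", derive_file_key("correct horse battery staple", header) == key)
    print("weak key is stable across files:", weak_file_key("pw") == weak_file_key("pw"))
    print(f"one scrypt guess costs as much as ~{per_guess_cost_ratio():,.0f} SHA-256 guesses")
```

The ratio is the whole argument in one number: the wallet pays it once per unlock, the attacker pays it per candidate, and a wordlist that took seconds against the unsalted hash takes that many times longer against the stretched key. Raising N later only requires re-encrypting the file with a new header, which is why the parameters travel with the ciphertext instead of being hard-coded.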