https://stackoverflow.com/questions/14051313
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianA KDF is typically used for deriving cryptographic keys from things like passphrases, which as you correctly say are not suitable for direct use. But they are also used for deriving additional keys from a master key, which depending on your overall scheme, might be useful.
Suppose you used a key agreement protocol where both parties ended up with a random shared secret. You could use a KDF to derive a key for encryption, and one for message integrity (for example, an HMAC key).
From NIST SP800-108:
When parties share a secret symmetric key (e.g., upon a successful execution of a key- establishment scheme as specified in 1 and [2]), it is often the case that additional keys will be needed (e.g. as described in [3]). Separate keys may be needed for different cryptographic purposes – for example, one key may be required for an encryption algorithm, while another key is intended for use by an integrity protection algorithm, such as a message authentication code. At other times, the distinct keys required by multiple entities may be generated by a trusted party from a single master key. Key derivation functions are used to derive such keys.
The short answer is, no, you don't need to use a KDF, assuming your key generation is correct.
