DEV Community


Discussion on: (Very) Basic Intro to Key Derivation Functions (Argon2, Scrypt, etc)

franky47 profile image
François Best

What are the use-cases for doing key strengthening the way you describe it ? If you throw the salt away, there is no way to replicate the process, so it would not work for operations like password-based auth, but I'm genuinely interested in knowing other use-cases for single-use key generation (post key agreement strengthening, maybe ?)

wagslane profile image
Lane Wagner Author

Good question, truth be told I've had a couple of discussions with others about this subject as well, and I'm not sure how useful this is. Maybe the method of determining the salt is well known to participants so there is no need to keep it around.