See more on Chunks in general.

Derived Key

A derived key generates a new key from an existing key. In its simplest form, this is the same as how derived keys are used implicitly by various algorithms. This may be used to form a session key. It can also be used to combine several existing keys such that all of the base keys are required. Finally, it can be used to stretch a low-entropy key.


The payload consists of a derivation string, an iteration count, and one or more base keys.

Derivation Parameter

The derivation parameter, an lpbinary, is the string fed to the hash along with the base key in order to form the new key. Note that it is binary, so it does not have to be legal UTF-8. It may be a random sequence of bytes.

Iteration Count

This uintV is used just like the Stretchcount of a Passphrase Key.

Base Keys

This is a sequence of 1 or more uintVs. They are Instance Numbers of other KEYD chunks to use as the base keys. Being the last thing in the record, a parser just takes whatever is left and no count is needed.

Derived Key Algorithm

Let X ← CrypHash (“KEYD68” || Derivation || Base1 || ... || BaseN ).
For i (1..iteration_count)
 X ← CrypHash (X).
Return X.

Payload is: lpstring for derivation parameter, uintV for iteration count, and 1 or more uintV's for other key definitions. Nominated keys are concatenated together along with the derivation parameter to form message; then iterate the hash N times on that message (prepending previous result).

Valid HTML 4.01!

Page content copyright 2003 by John M. Dlugosz. Home:,