PBKDF2
Iterated HMAC. Password + salt + iteration count → derived key. Old standard. Weak: no memory-hardness (GPU-friendly).
Advertisement
HKDF
Extract-then-expand. Extract: HMAC input into pseudorandom key. Expand: derive multiple keys of specific purpose. TLS 1.3 uses.
Advertisement
Argon2 vs PBKDF2 for passwords
Argon2id preferred for new. PBKDF2 still acceptable with 600k+ iterations (OWASP 2023).
scrypt
Between PBKDF2 and Argon2. Memory-hard. Still valid. Litecoin proof-of-work is scrypt variant.