Transforming passwords into cryptographic keys
Problem: Passwords are low-entropy (easily guessable). Directly hashing them is vulnerable to:
• Rainbow tables: Precomputed hash lookups
• Brute force: Modern GPUs can compute billions of hashes/second
Solution: KDFs add:
• Salt: Random value makes each hash unique, defeating rainbow tables
• Iterations: Slows down computation, making brute force expensive
• Memory hardness: (Argon2) Requires RAM, limiting parallel GPU attacks