HKDF
Derive one or more keys from a shared secret with HKDF. Paste your data, then click to dissect it. Everything runs on your device, nothing is sent to a server.
Everything runs in your browser. Your data is never sent to our servers.
Example
Example Input
(shared secret hex)
Example Output
Derived key (hex): 7c4d…
How to Use
- 1Paste your data (PEM/Base64/token) into the Input field.
- 2Click the button (or press Ctrl+Enter) to dissect it.
- 3Read the decoded result in the Output field.
About HKDF
HKDF (HMAC-based Key Derivation Function) is designed to turn high-entropy secret material (e.g. an ECDH/X25519 result) into one or more strong, separate keys.
This tool takes input keying material, an optional salt, and an "info" string (context/label) to bind the key to a specific purpose. The output length is adjustable.
HKDF is the right choice AFTER a key exchange: do not use a raw shared secret as a key — run it through HKDF first. For keys from a password (low entropy), use PBKDF2/scrypt.
FAQ
Are my data or keys sent to a server?
No. HKDF runs entirely in your browser using the Web Crypto API and client-side libraries. Your data, passwords, and keys never leave your device.