Hashing and key derivation
Hashing was the first operation we covered in this book, in Chapter 3, File and Password Hashing with Node.js. As you will recall, hashing functions can be used for a variety of purposes, including the following:
- Calculating the checksum (or digest) of a document or file. For this specific scenario, we recommended the use of the SHA-2 family of hashes (including SHA-256, SHA-384, and SHA-512).
- Hashing passwords before they're stored in a database. In this case, we recommended using algorithms in the Argon2 suite or scrypt.
- Deriving symmetric encryption keys from low-entropy inputs such as passphrases, as we saw in Chapter 4, Symmetric Encryption in Node.js. For this scenario, we once again recommended using Argon2 or scrypt.
Support for calculating digests with SHA-2 is built into the Web Platform, and at the time of writing, it is one of the only two hashing algorithms that have been standardized and are available in all browsers...
