Pseudorandom Function (PRF)

A Pseudorandom Function (PRF) is a deterministic algorithm used in cryptography that will produce what appears to be random values. This differs from something like a Random Number Generator (RNG) in that a PRF is designed to take certain inputs (like a secret key) in conjunction with a deterministic algorithm to produce additional values that give the appearance of being highly random. A goal is that such well-designed PRFs are indistinguishable from truly random sources.

The AES algorithm is one such tool for creating pseudorandom values. Some implementations will provide AES with an input key that is random and then encrypt the value 1, 2, 3, etc. The resulting output appears to be highly random. Since each block is encrypted with a unique integer value ranging from 0 to (2^128)-1, each block of ciphertext would appear to be entirely random. This works well for up to 2^64-1, after which it is recommended to either rekey or use a different algorithm. NIST SP 800-38B and RFC 4493 define CMAC, which is effectively a PRF that works well with AES as the block cipher.

Another popular PRF is HMAC-SHA256. This algorithm does not rely on encrypting, but merely a well-defined hash function with a random input key. This is used, for example, in HKDF.

Resources: NIST SP 800-38B, RFC 4493

See Also: Advanced Encryption Standard (AES)