We present the first general construction of a Multi-Factor Key Derivation Function (MFKDF). Our function expands upon password-based key derivation functions (PBKDFs) with support for using other popular authentication factors like TOTP, HOTP, and hardware tokens in the key derivation process. In doing so, it provides an exponential security improvement over PBKDFs with less than 12 ms of additional computational overhead in a typical web browser. We further present a threshold MFKDF construction, allowing for client-side key recovery and reconstitution if a factor is lost. Finally, by "stacking" derived keys, we provide a means of cryptographically enforcing arbitrarily specific key derivation policies. The result is a paradigm shift toward direct cryptographic protection of user data using all available authentication factors, with no noticeable change to the user experience. We demonstrate the ability of our solution to not only significantly improve the security of existing systems implementing PBKDFs, but also to enable new applications where PBKDFs would not be considered a feasible approach.

翻译：我们首次提出了多因素密钥派生函数（MFKDF）的通用构造方法。该函数在基于密码的密钥派生函数（PBKDF）基础上进行了扩展，支持在密钥派生过程中使用其他常用认证因素，如TOTP、HOTP和硬件令牌。通过这一设计，相比PBKDF，其安全性呈指数级提升，而在典型Web浏览器中仅增加不到12毫秒的计算开销。我们进一步提出了门限MFKDF构造，允许在丢失某个因素时通过客户端进行密钥恢复与重建。最后，通过“堆叠”派生密钥，我们提供了一种以密码学方式强制实施任意特定密钥派生策略的方法。这一成果带来了范式转变：利用所有可用认证因素对用户数据进行直接密码学保护，而用户体验几乎无显著变化。我们证明，该方案不仅能显著提升现有采用PBKDF的系统的安全性，还能支持PBKDF被视为不可行方案的全新应用场景。