A key derivation function is a function that derives one or more secret keys from a secret value and/or other know information. Password-based key derivation functions derive the secret keys from secret passwords or passphrases, which typically do not have the desired properties to be used directly as cryptographic keys.
Key derivation functions often have a sub-function (e.g. a hash function or block encryption/decryption) that gets executed many times. This makes the key derivation function deliberately slower so as to impede dictionary and brute-force attacks. The number of times that the sub-function gets executed is based on an iteration count (I) which is usually fixed or part of transmitted and/or stored operating parameters. The higher the iteration count (I), the higher the computational work on an attacker who attempts to crack the password by trying different guesses of the password. However, a large iteration count (I) also increases the cost of the key derivation process for an authorized user of the system.
An example of a modern password-based key derivation function is PBKDF2 (specified in RFC 2898. PBKDF2 recommends a minimum of 1000 iterations. However, it may not always be necessary to do so many iterations if the password chosen is one that is deemed to be strong, because brute-force attacks are less effective for strong passwords. Strong passwords are generally more difficult to crack.
Accordingly, what is desired is a more efficient and flexible password-based key derivation function which does not compromise its key strengthening objectives.