The point of key derivation is that it can use a key to encrypt that is in turn protected by another key/password. So the amount necessary to re-encrypt when your password changes is just the encryption applied to the key. A similar technique is used in local disk encryption, where you don’t need to spend hours re-encrypting your hard drive just because you’ve changed your local account password...
Then it must need my password to decrypt the key which was used to encrypt the raw data? What if I do not tell them my password (assuming my password is one-way hashed and stored), would that brick the key and in turn brick the data? Clearly I am missing something here...
Edit: or since it is "derived" and not really the password which is used for encryption -- the derived thing could well be the hashed password. We are doomed. They might as well serial number their users and use that as the key then. Never mind.
You’re overthinking it. Create a private key. Protect that key with a pass phrase. If you change your password, you’re really changing the pass phrase.
Does that clear it up at all?
FYI these concepts originated from military crypto. The foundations are solid. Implementation... well you know how that always is... one CVE away from perfect!!
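The key-wrapping scheme discussed in this thread, as an added example that is not part of the original posts: a random data key encrypts the data, and a key derived from the pass phrase protects only that data key. The names (`create_vault`, `change_password`, `read_vault`), the iteration count and the HMAC-based encrypt-then-MAC construction are assumptions chosen so the sketch runs on the Python standard library alone; a real system would use AES-GCM or AES key wrap from a vetted library.

```python
import hashlib, hmac, secrets

ITERATIONS = 100_000  # constructed value for the demo; tune for real hardware

def derive_kek(password: str, salt: bytes) -> bytes:
    # Key-encryption key (KEK) derived from the pass phrase; never stored.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def _prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as the keystream (stand-in for AES).
    blocks = (len(data) + 31) // 32
    stream = b"".join(_prf(key, nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC with separate subkeys; output = nonce | ciphertext | tag.
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_prf(key, b"enc"), nonce, plaintext)
    return nonce + ct + _prf(_prf(key, b"mac"), nonce + ct)

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + ct)):
        raise ValueError("wrong key or tampered data")
    return _xor_stream(_prf(key, b"enc"), nonce, ct)

def create_vault(password: str, data: bytes) -> dict:
    dek = secrets.token_bytes(32)  # random data-encryption key (DEK)
    salt = secrets.token_bytes(16)
    return {"salt": salt, "wrapped_dek": seal(derive_kek(password, salt), dek),
            "data": seal(dek, data)}

def change_password(vault: dict, old: str, new: str) -> dict:
    # Unwrap the DEK with the old KEK, re-wrap under the new one; data untouched.
    dek = unseal(derive_kek(old, vault["salt"]), vault["wrapped_dek"])
    salt = secrets.token_bytes(16)
    return {"salt": salt, "wrapped_dek": seal(derive_kek(new, salt), dek),
            "data": vault["data"]}

def read_vault(vault: dict, password: str) -> bytes:
    dek = unseal(derive_kek(password, vault["salt"]), vault["wrapped_dek"])
    return unseal(dek, vault["data"])
```

After `change_password`, the `data` blob is byte-for-byte identical and only the 80-byte wrapped key differs; unwrapping with anything other than the current pass phrase fails the MAC check and raises `ValueError`.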