Domain separation

In cryptography, domain separation is a construct used to implement multiple different functions using only one underlying template in an efficient way.

Since creating a new cryptographic primitive from scratch each time a random oracle (RO) is needed is impractical, multiple ROs (say, RO1 and RO2) are produced by prepending unique domain separation tags (DSTs, also known as domain separators) to the input of a base oracle RO: where "RO1" and "RO2" are the strings representing the unique DSTs and || is a concatenation operator. [5]

The domain separation construct can be used for multiple purposes: In the practical sense, domain separation can provide "customization", an equivalent of strong typing in programming: it enforces the use of independent calculations for different tasks, so an attacker who has learned the result of one calculation gets no information about another one. [12]

Also, just like hash functions, some symmetric ciphers and MACs use domain separation internally. [13]

In many cases, it is desirable to use a single signing key to produce digital signatures for different purposes.
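The tag-prepending construction and the single-key, multi-purpose case described above, as an added example (not code from the original page). SHA-256 stands in for the base oracle RO and HMAC stands in for a signature scheme; the function names, purpose strings, key, and the one-byte length prefix on the tag are assumptions of this example.

```python
import hashlib
import hmac

# Constructed sample key, for illustration only.
KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


def naive_ro(dst: bytes, msg: bytes) -> bytes:
    """Plain prepending: H(dst || msg).

    Sound only if no tag is a prefix of another tag.
    """
    return hashlib.sha256(dst + msg).digest()


def ro(dst: bytes, msg: bytes) -> bytes:
    """Derived oracle: H(len(dst) || dst || msg).

    The length byte (an assumption added here) makes the tag encoding
    prefix-free, so the boundary between tag and input is unambiguous.
    """
    if not 0 < len(dst) < 256:
        raise ValueError("DST must be 1..255 bytes")
    return hashlib.sha256(bytes([len(dst)]) + dst + msg).digest()


def tag_for(key: bytes, purpose: bytes, msg: bytes) -> bytes:
    """One key, several purposes: authenticate the domain-separated digest."""
    return hmac.new(key, ro(purpose, msg), hashlib.sha256).digest()


def verify(key: bytes, purpose: bytes, msg: bytes, tag: bytes) -> bool:
    """Accept a tag only in the domain it was produced for."""
    return hmac.compare_digest(tag_for(key, purpose, msg), tag)


if __name__ == "__main__":
    # Two oracles from one hash give unrelated outputs on the same input.
    print(ro(b"RO1", b"x").hex() != ro(b"RO2", b"x").hex())
    # Ambiguous boundary: "RO1"||"0x" and "RO10"||"x" are the same bytes.
    print(naive_ro(b"RO1", b"0x") == naive_ro(b"RO10", b"x"))
    # A tag made for one purpose is rejected when presented for another.
    t = tag_for(KEY, b"login-challenge", b"nonce=42")
    print(verify(KEY, b"payment-authorization", b"nonce=42", t))
```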