AES 256 bit key. What to do with it?

Graze, Senior member, Nov 27, 2012
I am working on a program that encrypts stuff using a 256 bit key (32 characters).

What is the best way to handle this?
Should I just have the person enter a password and then generate the key using some hash? The hash itself, I am assuming, doesn't need to be too complex, being that this is not a password per se but a key.

Graze, Senior member, Nov 27, 2012
Cool, thanks. I don't even see the use of encrypting the IV though. That will remain embedded in the encrypted file as a simple hash for sure.

Mark R, Diamond Member, Oct 9, 1999
What are you encrypting and how do you intend to manage keys? This will determine your overall system design.

You may find that generating a random 256 bit key for each encrypted object is a good idea. You then encrypt that key with an individual user's key. If 10 users need access to that file, you encrypt the 256 bit key with each user's key, and store the 10 encrypted copies. This allows multiple different keys to decrypt one copy of an encrypted data object.

Passwords are very weak compared with 256 bit or 128 bit keys. You throw away much of the security of a 256 or 128 bit key if you depend on a password (even a passphrase). You need to use a proper key derivation algorithm (such as PBKDF) to avoid brute-force attacks; it is important not to use a standard hash algorithm. Key derivation algos are designed to be super slow and super CPU/RAM intensive, so that they can't be brute-forced like a hash can.
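The design Mark R describes (a random per-object key, wrapped once per user under a key derived from that user's password) as an added example; this is not code from the thread. It assumes Go with only the standard library, so PBKDF2-HMAC-SHA256 is written out by hand and AES-256-GCM does the wrapping; the salt, iteration count and function names are illustrative choices.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)
// DeriveKEK: password -> 32-byte key-encryption key, PBKDF2-HMAC-SHA256 (RFC 8018) on the stdlib.
func DeriveKEK(password, salt []byte, iterations int) []byte {
	prf := hmac.New(sha256.New, password)
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1}) // big-endian block index INT(1); one block covers 32 bytes
	out := prf.Sum(nil)           // U_1, which also accumulates T_1 = U_1 xor U_2 xor ... xor U_c
	for i, u := 1, out; i < iterations; i++ {
		prf.Reset()  // HMAC keeps the password as its key across Reset
		prf.Write(u) // u is copied into the hash state before out is modified below
		u = prf.Sum(nil)
		for j := range out {
			out[j] ^= u[j]
		}
	}
	return out
}

func KEKCipher(kek []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(kek) // a 32-byte KEK selects AES-256; other sizes are rejected
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// WrapKey encrypts the per-object data key under one user's KEK: one nonce||ct||tag blob per user.
func WrapKey(kekCipher cipher.AEAD, dek []byte) ([]byte, error) {
	nonce := make([]byte, kekCipher.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return kekCipher.Seal(nonce, nonce, dek, nil), nil
}

// UnwrapKey recovers the data key; a KEK from the wrong password fails the GCM tag check.
func UnwrapKey(kekCipher cipher.AEAD, wrapped []byte) ([]byte, error) {
	if ns := kekCipher.NonceSize(); len(wrapped) >= ns {
		return kekCipher.Open(nil, wrapped[:ns], wrapped[ns:], nil)
	}
	return nil, errors.New("wrapped key too short")
}
```

A real iteration count should be tuned so that a derivation takes a noticeable fraction of a second on the target hardware; the salt must be random per user and stored next to the wrapped key.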