Marek Marcola wrote:
Hello,
  
Ok I have taken comment so far and this is my plan - if I am way off
please let me know

create a public salt (anyone can see this and will) of X length (128bits)
take sha512 hash of file to be encrypted (and keep it)
supply a password to the pbkdf2 - to create a 256bit key for my AES256
CFB encryption
use the hash with same salt in pbkdf2 and create a 128 bit iv

Encrypt the file and leave it anywhere in public for me to get later
(even in an untrusted place).

Would this work and where are the weaknesses in the plan?
    
Yes, this will work but "standard" method for this is to:
 - choose a password (secret)
 - choose an iteration count (secret, in OpenSSL default is 1
   but suggested value is > 1000)
 - choose a salt (public)
 - put all that to pbkdf2 and get from this function 32+16 bytes
 - use first 32 as AES256 key, use next 16 bytes as IV
In this situation salt must be distributed with encrypted file
(in OpenSSL salt is added as special formatted first line
in encrypted file).

Best regards,
  
I like your plan and the fact openssl transmits the salt (brilliant, but how does it know this - is there a pbkdf2 in openssl, as I have a python one?). Rather than transmitting or remembering the iteration count, can this be calculated from the password? Or is that insecure?

In reality I only want to remember a password but, as in all good stuff, want everyone to see the source of my code.

David
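
The derivation described in the reply above (one PBKDF2 call for 32+16 bytes, with the public salt stored alongside the ciphertext), as an added example that is not part of the original thread. The HMAC-SHA256 PRF, the `DEMOSALT` header layout, the sample password and the iteration count are assumptions made for illustration, and the AES-256-CFB step itself is represented by placeholder bytes.

```python
import hashlib
import os

MAGIC = b"DEMOSALT"   # hypothetical header tag, not OpenSSL's on-disk format
SALT_LEN = 16         # 128-bit public salt, as in the plan above
KEY_LEN, IV_LEN = 32, 16


def derive_key_iv(password: bytes, salt: bytes, iterations: int):
    """One PBKDF2 call for 32+16 bytes: first 32 = AES-256 key, next 16 = IV."""
    if len(salt) != SALT_LEN:
        raise ValueError("salt must be 16 bytes")
    if iterations < 1:
        raise ValueError("iteration count must be positive")
    # Assumption: HMAC-SHA256 as the PRF; the thread does not name one.
    okm = hashlib.pbkdf2_hmac("sha256", password, salt, iterations, KEY_LEN + IV_LEN)
    return okm[:KEY_LEN], okm[KEY_LEN:]


def wrap(salt: bytes, ciphertext: bytes) -> bytes:
    """Prefix the public salt so it travels with the encrypted file."""
    return MAGIC + salt + ciphertext


def unwrap(blob: bytes):
    """Split a stored blob back into (salt, ciphertext), rejecting bad headers."""
    head = len(MAGIC) + SALT_LEN
    if len(blob) < head or not blob.startswith(MAGIC):
        raise ValueError("missing or truncated salt header")
    return blob[len(MAGIC):head], blob[head:]


def demo() -> bool:
    password = b"correct horse battery staple"      # constructed sample secret
    iterations = 10_000                              # constructed; thread suggests > 1000
    salt = os.urandom(SALT_LEN)                      # fresh random salt per file
    key, iv = derive_key_iv(password, salt, iterations)
    ciphertext = b"<AES-256-CFB output goes here>"   # placeholder: cipher step not shown
    blob = wrap(salt, ciphertext)

    # Later: the salt is read back from the file, so only the password
    # (and the iteration count) must be supplied to rebuild the key and IV.
    salt2, ct2 = unwrap(blob)
    return derive_key_iv(password, salt2, iterations) == (key, iv) and ct2 == ciphertext


if __name__ == "__main__":
    print("key/IV recovered from stored salt:", demo())
```

Because the key and IV both come from the same password and salt, a fresh salt per file is what keeps the key/IV pair from repeating across files encrypted with one password.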