Answer the question
In order to leave comments, you need to log in
T
T
Tikot2016-06-11 11:42:24
Tikot, 2016-06-11 11:42:24
How to generate a key from a password?
I am writing a program for encryption. There was a question - how to generate a key from the text password entered by the user. The most common is PBKDF2. It is not planned to store password hashes, the program will simply take the entered password, generate a key based on it and encrypt / decrypt it. Actually, the question is: is it necessary to use PBKDF2 at all or a similar solution with salt (despite the fact that the hash is not stored, then the salt will be absent). How do normal cryptographers do it?
If I store a long random password in encrypted form with the file, then this password must be encrypted with the key entered by the user or by a function of the PBKDF2 type from the key entered by the user.
E(K)(PlainText) + E(k)(K) or E(K)(PlainText) + E(PBKDF2(k))(K)
K - random 256 bit key;
k - user key;
3 answer(s)
@alsopub
@Tikot
A
Alexey, 2016-06-11 @alsopub
Cryptographers seem to do so.
Encryption.
A long encryption key is generated for the current algorithm.
Data is encrypted with a long key.
This key is encrypted with a password and stored with the data.
Decryption.
The stored encrypted key is decrypted with the entered password.
The result is decrypted data.
The checksum is checked to check whether it was unpacked correctly or not (password matched or not).
T
Tikot, 2016-06-11 @Tikot
And the user's key (which encrypts the generated random key to encrypt the file), shouldn't it go through something like PBKDF2 to make it difficult to calculate the encryption key by iterating over the user's key?
Similar questions
N
naruto_hokagi2018-03-24 21:00:37
For which elements is there an inverse element (Hill's method)?
1Reply
F
I
V
U
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question