U++ forum: Welcome to the forum

Status & Roadmap

Authors & License

Funding Ultimate++

Search on this site

Search in forums

Home » Developing U++ » UppHub » Encrypted storage with streaming (OpenSSL, AES)

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Return to the default flat view

Create a new topic

Submit Reply

Re: Encrypted storage with streaming (OpenSSL, AES) [message #25402 is a reply to message #25401]

Mon, 22 February 2010 08:31

Mindtraveller is currently offline

Mindtraveller
Messages: 917
Registered: August 2007
Location: Russia, Moscow rgn.

Experienced Contributor

koldo wrote on Mon, 22 February 2010 09:54

1) Does it mean that AES cannot be used for saving user files with user defined password ?

However there are programs that include this possibility with AES. For example 7zip offers AES-256 encryption http://www.7-zip.org/7z.html.

2) Is there a standard way to convert a 8 chars user defined password into an useful 256 AES bits key ?

1) Cryptography is no miracle, it's just math. If you use weak password, you get weak protection, and no algorithm saves you from it. This means if you want stable and strong protection, you must use stable and strong key. The one of few options here is to use key generated by OpenSSL itself.

You have to consider user password as worst type of key. Also, many passwords are too plain and dumb: 123, 111, 123456, etc. This is bad for cryptography.

Russian programmer Igor Pavlov who wrote 7zip, has chosen to use compromise solution. He takes user password, calculates SHA-256 function for it (AFAIK U++ has its realization too). Then he adds some calculations/changes to that 256-bit value and the final value is used as a key for AES encryption.

This represents fair protection, which is very much stronger than using user password as key, but at some rate weaker protection than with OpenSSL-generated key. In a number of uses it is rather good and satisfactory protection. Also it allows using protection without storing user password itself which is very good practice. But frankly speaking I haven't heard of SHA output as extremely cryptographically strong combination of bytes. This algorithm has another application field (generating unique digest "far" from original bytes).

2) AFAIK there is no "standard" way to convert user password to key. The best way is to use OpenSSL generated key. You may of course use any function like SHA-256 but you must be aware of the crytpographic strongness/weakness you give to user.

[Updated on: Mon, 22 February 2010 08:43]

Report message to a moderator

Send a private message to this user

[Message index]

		Encrypted storage with streaming (OpenSSL, AES) By: Mindtraveller on Wed, 16 September 2009 22:17
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Thu, 17 September 2009 09:34
		Re: Encrypted storage with streaming (OpenSSL, AES) By: Weras on Thu, 17 September 2009 19:57
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Thu, 17 September 2009 22:55
		Re: Encrypted storage with streaming (OpenSSL, AES) By: Mindtraveller on Fri, 18 September 2009 11:20
		Re: Encrypted storage with streaming (OpenSSL, AES) By: tojocky on Fri, 18 September 2009 12:28
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Fri, 18 September 2009 13:23
		Re: Encrypted storage with streaming (OpenSSL, AES) By: Mindtraveller on Fri, 18 September 2009 14:01
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Fri, 18 September 2009 23:01
		Re: Encrypted storage with streaming (OpenSSL, AES) By: kasome on Wed, 23 September 2009 03:29
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Sat, 20 February 2010 17:08
		Re: Encrypted storage with streaming (OpenSSL, AES) By: Mindtraveller on Sat, 20 February 2010 23:19
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Sun, 21 February 2010 08:07
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Sun, 21 February 2010 10:38
		Re: Encrypted storage with streaming (OpenSSL, AES) By: Mindtraveller on Sun, 21 February 2010 12:01
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Sun, 21 February 2010 15:40
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Sun, 21 February 2010 16:01
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Sun, 21 February 2010 19:25
		Re: Encrypted storage with streaming (OpenSSL, AES) By: Mindtraveller on Mon, 22 February 2010 00:48
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Mon, 22 February 2010 07:54
		Re: Encrypted storage with streaming (OpenSSL, AES) By: Mindtraveller on Mon, 22 February 2010 08:31
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Mon, 22 February 2010 08:50
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Mon, 22 February 2010 11:55
		Re: Encrypted storage with streaming (OpenSSL, AES) By: Mindtraveller on Mon, 22 February 2010 12:24
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Mon, 22 February 2010 12:46
		Re: Encrypted storage with streaming (OpenSSL, AES) By: tojocky on Mon, 22 February 2010 15:19
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Mon, 22 February 2010 16:46
		Building with MSC9 By: kohait00 on Wed, 03 March 2010 23:17
		Re: Building with MSC9 By: koldo on Sat, 06 March 2010 01:49
		Re: Building with MSC9 By: kohait00 on Sun, 07 March 2010 11:24
		Re: Building with MSC9 By: koldo on Sun, 07 March 2010 13:47
		Re: Building with MSC9 By: kohait00 on Sun, 07 March 2010 16:08
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Wed, 10 March 2010 17:09
		Re: Encrypted storage with streaming (OpenSSL, AES) By: kohait00 on Wed, 10 March 2010 20:54
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Wed, 10 March 2010 21:33
		Re: Encrypted storage with streaming (OpenSSL, AES) By: kohait00 on Wed, 10 March 2010 22:36
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Thu, 11 March 2010 09:12
		Re: Encrypted storage with streaming (OpenSSL, AES) By: kohait00 on Thu, 11 March 2010 10:29
		Re: Encrypted storage with streaming (OpenSSL, AES) By: Mindtraveller on Thu, 11 March 2010 10:53
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Thu, 11 March 2010 11:01
		Re: Encrypted storage with streaming (OpenSSL, AES) By: Mindtraveller on Fri, 12 March 2010 21:41
		Re: Encrypted storage with streaming (OpenSSL, AES) By: koldo on Sun, 14 March 2010 15:27
		bazaar: DeEncrypter By: kohait00 on Thu, 05 August 2010 21:09
		Re: bazaar: DeEncrypter By: Mindtraveller on Sat, 07 August 2010 07:14
		Re: bazaar: DeEncrypter By: kohait00 on Sun, 08 August 2010 11:05
		Re: bazaar: DeEncrypter By: Mindtraveller on Tue, 10 August 2010 15:33
		Re: bazaar: DeEncrypter By: kohait00 on Tue, 10 August 2010 15:46
		Re: bazaar: DeEncrypter By: Mindtraveller on Tue, 10 August 2010 21:14
		Re: bazaar: DeEncrypter By: kohait00 on Tue, 10 August 2010 21:42
		Re: bazaar: DeEncrypter By: Mindtraveller on Wed, 11 August 2010 09:43
		Re: bazaar: DeEncrypter By: koldo on Wed, 11 August 2010 15:29
		Re: bazaar: DeEncrypter By: Mindtraveller on Thu, 12 August 2010 10:22
		Re: bazaar: DeEncrypter By: koldo on Thu, 12 August 2010 13:54
		Re: bazaar: DeEncrypter By: kohait00 on Tue, 17 August 2010 15:58
		Re: bazaar: DeEncrypter By: koldo on Fri, 25 February 2011 18:52
		Re: bazaar: DeEncrypter By: Mindtraveller on Thu, 21 April 2011 14:28
		Re: Encrypted storage with streaming (OpenSSL, AES) By: Alboni on Fri, 23 August 2013 01:59

Previous Topic:	Protect packages - split code encryption,client and server
Next Topic:	Added single and double linked lists

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

PDF

]

Current Time: Mon May 13 21:18:35 CEST 2024

Total time taken to generate the page: 0.02755 seconds