Home » Developing U++ » UppHub » Encrypted storage with streaming (OpenSSL, AES)
Re: Encrypted storage with streaming (OpenSSL, AES) [message #25402 is a reply to message #25401] |
Mon, 22 February 2010 08:31 |
Mindtraveller
Messages: 917 Registered: August 2007 Location: Russia, Moscow rgn.
|
Experienced Contributor |
|
|
koldo wrote on Mon, 22 February 2010 09:54 | 1) Does it mean that AES cannot be used for saving user files with user defined password ?
However there are programs that include this possibility with AES. For example 7zip offers AES-256 encryption http://www.7-zip.org/7z.html.
2) Is there a standard way to convert a 8 chars user defined password into an useful 256 AES bits key ?
|
1) Cryptography is no miracle, it's just math. If you use weak password, you get weak protection, and no algorithm saves you from it. This means if you want stable and strong protection, you must use stable and strong key. The one of few options here is to use key generated by OpenSSL itself.
You have to consider user password as worst type of key. Also, many passwords are too plain and dumb: 123, 111, 123456, etc. This is bad for cryptography.
Russian programmer Igor Pavlov who wrote 7zip, has chosen to use compromise solution. He takes user password, calculates SHA-256 function for it (AFAIK U++ has its realization too). Then he adds some calculations/changes to that 256-bit value and the final value is used as a key for AES encryption.
This represents fair protection, which is very much stronger than using user password as key, but at some rate weaker protection than with OpenSSL-generated key. In a number of uses it is rather good and satisfactory protection. Also it allows using protection without storing user password itself which is very good practice. But frankly speaking I haven't heard of SHA output as extremely cryptographically strong combination of bytes. This algorithm has another application field (generating unique digest "far" from original bytes).
2) AFAIK there is no "standard" way to convert user password to key. The best way is to use OpenSSL generated key. You may of course use any function like SHA-256 but you must be aware of the crytpographic strongness/weakness you give to user.
[Updated on: Mon, 22 February 2010 08:43] Report message to a moderator
|
|
|
|
|
Encrypted storage with streaming (OpenSSL, AES)
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Thu, 17 September 2009 09:34
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: Weras on Thu, 17 September 2009 19:57
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Thu, 17 September 2009 22:55
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: tojocky on Fri, 18 September 2009 12:28
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Fri, 18 September 2009 13:23
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Fri, 18 September 2009 23:01
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: kasome on Wed, 23 September 2009 03:29
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Sat, 20 February 2010 17:08
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Sun, 21 February 2010 08:07
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Sun, 21 February 2010 10:38
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Sun, 21 February 2010 15:40
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Sun, 21 February 2010 16:01
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Sun, 21 February 2010 19:25
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Mon, 22 February 2010 07:54
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Mon, 22 February 2010 08:50
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Mon, 22 February 2010 11:55
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Mon, 22 February 2010 12:46
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: tojocky on Mon, 22 February 2010 15:19
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Mon, 22 February 2010 16:46
|
|
|
Building with MSC9
By: kohait00 on Wed, 03 March 2010 23:17
|
|
|
Re: Building with MSC9
By: koldo on Sat, 06 March 2010 01:49
|
|
|
Re: Building with MSC9
By: kohait00 on Sun, 07 March 2010 11:24
|
|
|
Re: Building with MSC9
By: koldo on Sun, 07 March 2010 13:47
|
|
|
Re: Building with MSC9
By: kohait00 on Sun, 07 March 2010 16:08
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Wed, 10 March 2010 17:09
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: kohait00 on Wed, 10 March 2010 20:54
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Wed, 10 March 2010 21:33
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: kohait00 on Wed, 10 March 2010 22:36
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Thu, 11 March 2010 09:12
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: kohait00 on Thu, 11 March 2010 10:29
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Thu, 11 March 2010 11:01
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: koldo on Sun, 14 March 2010 15:27
|
|
|
bazaar: DeEncrypter
By: kohait00 on Thu, 05 August 2010 21:09
|
|
|
Re: bazaar: DeEncrypter
|
|
|
Re: bazaar: DeEncrypter
By: kohait00 on Sun, 08 August 2010 11:05
|
|
|
Re: bazaar: DeEncrypter
|
|
|
Re: bazaar: DeEncrypter
By: kohait00 on Tue, 10 August 2010 15:46
|
|
|
Re: bazaar: DeEncrypter
|
|
|
Re: bazaar: DeEncrypter
By: kohait00 on Tue, 10 August 2010 21:42
|
|
|
Re: bazaar: DeEncrypter
|
|
|
Re: bazaar: DeEncrypter
By: koldo on Wed, 11 August 2010 15:29
|
|
|
Re: bazaar: DeEncrypter
|
|
|
Re: bazaar: DeEncrypter
By: koldo on Thu, 12 August 2010 13:54
|
|
|
Re: bazaar: DeEncrypter
By: kohait00 on Tue, 17 August 2010 15:58
|
|
|
Re: bazaar: DeEncrypter
By: koldo on Fri, 25 February 2011 18:52
|
|
|
Re: bazaar: DeEncrypter
|
|
|
Re: Encrypted storage with streaming (OpenSSL, AES)
By: Alboni on Fri, 23 August 2013 01:59
|
Goto Forum:
Current Time: Mon May 13 21:18:35 CEST 2024
Total time taken to generate the page: 0.02755 seconds
|