Re: Choosing encryption method?

From: Michel Gallant (neutron_at_istar.ca)
Date: 04/26/04


Date: Mon, 26 Apr 2004 16:53:41 -0400

With symmetric ciphers, apart from bad padding which is trivial,
you can't tell if you have decrypted successfully except from the context
of what you are expecting for the decrypted content.
This is nicely discussed here:
   http://groups.google.com/groups?selm=1997Oct31.231555.1%40eisner
(p 10 "The Great Crypto Debate").
This is different than asymmetric encryption where you can indeed verify if
you have broken the key (since you can reconstruct and verify the modulus directly).

- Mitch

"Ayende Rahien" <Ayende@nospam.com> wrote in message news:eFIe458KEHA.1120@TK2MSFTNGP11.phx.gbl...
> I'll check that out, thanks.
>
> Another question, how can I tell if I'm decrypting with the wrong
> password? Having garbage data is too late, I think ;-)
>
> Michel Gallant wrote:
>
> > You are manually trying to do what password-derived symmetric
> > encryption already does (derives a symmetric key from hash of pswd etc..).
> > See comments here:
> > http://www.jensign.com/JavaScience/dotnet/SimCryptNET
> > and details of adding extra entropy to weak passwords here:
> > http://www.jensign.com/JavaScience/dotnet/SimCryptNET/indexdetails.html
> >
> > - Mitch Gallant
> > MVP Security
> >
> > "Ayende Rahien" <Ayende@nospam.com> wrote in message news:%23slvMN8KEHA.2012@TK2MSFTNGP11.phx.gbl...
> >
> >>I want to secure sensitive data (bank & money) using
> >>System.Security.Cryptography, my problem is what strategy to take?
> >>
> >>The requirements (in order of importance):
> >>0> Has to work on Win9x (so CryptoAPI is probably out)
> >>1> Has to survive client's reinstalls - moving to another computer, etc.
> >>2> As secure as possible.
> >>3> Datasets of a few MB.
> >>4> Require reasonable performance.
> >>5> Data is usually text (XML data)
> >>
> >>
> >>At first I thought about using RijndaelManaged with a user-generated
> >>password.
> >>The way I'm doing it is SHA386 the password, grab the first 256 bits for
> >>key and the rest for IV, and then encrypting it.
> >>The question is how secure it is? I understand that using a password
> >>chosen by the user (and it'll have to be this) weakens the bit-range of
> >>the encryption, but does SHAing the password help?
> >>
> >>I suppose I could generate a random key and use asymmetric encryption,
> >>but then I face the same problem, how do I survive a reinstall/moving to
> >>another computer?
> >>
> >>Any other suggestions would be appreciated.
> >>
> >>Thanks in advance,
> >>Ayende Rahien
> >
> >
> >
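
Added example, not part of the original posts and not code from SimCryptNET: one way to get an explicit answer to the "wrong password?" question in the thread is to store an HMAC over the ciphertext and check it before decrypting. It assumes .NET 6 or later; the names `PasswordBox`, `DeriveKeys`, `Encrypt` and `TryDecrypt`, the blob layout and the iteration count are assumptions made for this example.

```csharp
// Added example; PasswordBox and its members are hypothetical names. Requires .NET 6+.
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
static class PasswordBox
{
    const int Iterations = 600_000;   // assumed PBKDF2 work factor; tune for your hardware
    // One PBKDF2 call yields 64 bytes: first 32 = AES-256 key, last 32 = HMAC key.
    static (byte[] enc, byte[] mac) DeriveKeys(string password, byte[] salt)
    {
        byte[] okm = Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA512, 64);
        return (okm[..32], okm[32..]);
    }

    // Output layout: salt(16) || iv(16) || ciphertext || tag(32)
    public static byte[] Encrypt(string password, byte[] plaintext)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(16);
        byte[] iv = RandomNumberGenerator.GetBytes(16);
        var (encKey, macKey) = DeriveKeys(password, salt);
        using Aes aes = Aes.Create();
        aes.Key = encKey;
        byte[] body = salt.Concat(iv).Concat(aes.EncryptCbc(plaintext, iv)).ToArray();
        return body.Concat(HMACSHA256.HashData(macKey, body)).ToArray();
    }

    // Returns false on a wrong password or modified data, before any decryption is attempted.
    public static bool TryDecrypt(string password, byte[] blob, out byte[] plaintext)
    {
        plaintext = Array.Empty<byte>();
        if (blob.Length < 16 + 16 + 16 + 32) return false;   // salt + iv + one block + tag
        byte[] body = blob[..^32], tag = blob[^32..];
        var (encKey, macKey) = DeriveKeys(password, body[..16]);
        if (!CryptographicOperations.FixedTimeEquals(HMACSHA256.HashData(macKey, body), tag))
            return false;
        using Aes aes = Aes.Create();
        aes.Key = encKey;
        plaintext = aes.DecryptCbc(body[32..], body[16..32]);
        return true;
    }

    static void Main()
    {
        // Constructed sample input: a small XML fragment and two passwords.
        byte[] blob = Encrypt("correct horse", Encoding.UTF8.GetBytes("<account balance=\"42\"/>"));
        Console.WriteLine(TryDecrypt("wrong guess", blob, out _));
        Console.WriteLine(TryDecrypt("correct horse", blob, out byte[] p) && Encoding.UTF8.GetString(p).StartsWith("<account"));
    }
}
```

A failed tag check does not say whether the password was wrong or the file was altered; both cases are rejected the same way.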


