Re: Is storing MD5 hash of key with ciphertext safe?
From: Paul Rubin (//phr.cx_at_NOSPAM.invalid)
Date: 12/23/03
- Next message: Tom St Denis: "Re: Key usage"
- Previous message: Mok-Kong Shen: "Re: Key usage"
- In reply to: brett: "Is storing MD5 hash of key with ciphertext safe?"
- Next in thread: David Wagner: "Re: Is storing MD5 hash of key with ciphertext safe?"
- Reply: David Wagner: "Re: Is storing MD5 hash of key with ciphertext safe?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 23 Dec 2003 12:59:22 -0800
brett <brett@eecs.tufts.edu> writes:
> Ive got a text file im storing in a mySql database encrypted with Rijndael
> 128 in CFB mode. The key (and also the initialization vector) is the md5
> hash of a plain text passphrase.
Don't use the key as an IV. Generate a random IV and store it.
Don't store the hashed key. Use the passphrase to generate a MAC key
(separate from the encryption key) and MAC the plaintext and store the MAC.
Example:
encryption_key = md5("encrypt:" + passphrase)
auth_key = md5("auth:" + passphrase)
and use these two keys to encrypt and MAC the file. You can also use
a combined encryption+MAC mode. Do not operate without a MAC.
- Next message: Tom St Denis: "Re: Key usage"
- Previous message: Mok-Kong Shen: "Re: Key usage"
- In reply to: brett: "Is storing MD5 hash of key with ciphertext safe?"
- Next in thread: David Wagner: "Re: Is storing MD5 hash of key with ciphertext safe?"
- Reply: David Wagner: "Re: Is storing MD5 hash of key with ciphertext safe?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
