[Cryptography] Recommendations for short AES passphrases
Jon Callas
jon at callas.org
Fri Sep 16 15:24:34 EDT 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I read what you're doing and my question is -- what problem are you actually trying to solve? You need to examine that, first and have a clear description. It's very easy to get lost in the weeds of details and lose sight of what you're doing.
Let me rewind all the way to the top -- a password (passphrase). Breaking that password, by guessing it or stealing it short-circuits everything else.
A password KDF like PBKDF2 has two purposes -- one is to whiten the password out to a full key size (if you need me to describe what I mean by "whiten" just say so), and also to slow down a brute force key search.
The iteration count slows down the search. We can also have a long discussion of that, in general. But 1000 is way too low. You really want to be doing much more. There's nothing wrong with having a significant fraction of a second in wait time there, but this also gets us back to what problem you're trying to solve.
You're asking us about solutions without stating the problem. The discussion might be interesting, but it's only going to help you by luck.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.3.0 (Build 9060)
Charset: us-ascii
wsBVAwUBV9xG9PaTaG6hZJn9AQjRhAf/d0/ExYtRsPHsCcqPJO7gHCD5036C7CYh
TGHC7qvR++NVSwC2yiHPMTttGBCEIunlC2ap0NkCN9laEPvPQFpwJ3lNVIs4mKmj
/NqjM2hjKUxTAhLEFkyP6nAEIjmjcl4w8kMU9R0Z2SuUwk76O6Hrvb7Lwrm83jnU
99cY+jUgdflk/i0vtFHpVO5w8BWil0elvIeZvjGdr02VDPlMLysSsyG2Q/K7B0Ey
MsyN19gQngtvs5VStAgWLky0b3vBx+aIH390HIEvpd2Ygi5n/beO6l3U1qRs53y8
VMRDPDNQPOwBNUz7FXCvHXs6sVwdFWvxnFtBPh3HIEsqkGuOZKW+Fg==
=TD7R
-----END PGP SIGNATURE-----
More information about the cryptography
mailing list