[aerogear-dev] Encrypted Data and IVs

Corinne Krych corinnekrych at gmail.com
Wed Nov 6 11:04:12 EST 2013


Hello Bruno,

Two more questions: I've read [1] that it's good practice to change the IV for each encryption. The IV/salt, being random and public information, can be stored in the header of the encrypted message. See RNCryptor, where the header is added to the encrypted stream with salt and IV [2].
1. What do you think of this practice?

2. Going as you suggested (one key/IV/salt per user), we don't necessarily need the header appended to the encrypted stream; we could just store that information at application level as suggested by Summers [3], or maybe add it to the keystore as suggested by Christos? Should the encryption API take care of storing them?

Thanks for your answers, much appreciated.
++
Corinne

[1] http://crypto.stackexchange.com/questions/5440/can-i-use-my-random-iv-for-aes-as-a-salt-for-pbkdf2
[2] https://github.com/rnapier/RNCryptor/blob/master/RNCryptor/RNEncryptor.m#L115
[3] http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Android-Crypto-API-sample-td5306.html
On Nov 6, 2013, at 4:24 PM, Bruno Oliveira <bruno at abstractj.org> wrote:

> Answers inline.
> 
> Summers Pittman wrote:
>> Checking my thoughts (and hopefully spurring some discussion)
>> 
>> A key (and thus salt) is unique per user.
>> An IV is unique per encrypted message.
> Key into our scenario is a composition of salt, IV, passphrase unique
> per user.
> 
> Not by message.
>> In a key pair, the public key is transmitted to your recipients. The 
>> private key is kept by the user.
>> With a symmetric key, both parties have the key or know how to generate 
>> the key.
>> The same IV has to be present for a message to be reliably encrypted and 
>> decrypted.
> Correct.
>> Now some questions:
>> 
>> How is a PBKDF2 key transmitted so a message can be decrypted?
> For this release we don't have key exchange with the server, and making use
> of symmetric encryption for client/server is not ideal. But let's
> suppose you really want to do it:
> 
> 1. Alice will generate the IV, salt and input the password
> 2. Alice sends the IV and salt to Bob
> 3. Bob receives the IV and salt and calls Alice saying "WTF lady, how
> could I decrypt it?"
> 4. Alice answers the phone call and says "hey, my password is: pineapple"
> 
> Now both parties know how to decrypt the message. Into this release we
> are laying the groundwork for the key exchange with the server on the
> next release, this is what KeyPair stands for.
>> In the case of client server how should the IV be generated/transmitted?
> 
> IV can be a public information.
> 
> Let me know if you have more questions.
> 
> -- 
> abstractj
> 
> 
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
