[aerogear-dev] Encrypted Data and IVs
Corinne Krych
corinnekrych at gmail.com
Wed Nov 6 11:04:12 EST 2013
Hello Bruno,
Two more questions: I've read [1] that it's good practice to change the IV for each encryption. IV/salt, being random and public information, can be stored in the header of the encrypted message. See RNCryptor, where a header is added to the encrypted stream with salt and IV [2].
1. What do you think of this practice?
2. Going as you suggested (one key/IV/salt per user), we don't necessarily need the header appended to the encrypted stream; we could just store that information at application level as suggested by Summers [3], or maybe add it to the keystore as suggested by Christos? Should the encryption API take care of storing them?
Thanks for your answers, much appreciated.
++
Corinne
[1] http://crypto.stackexchange.com/questions/5440/can-i-use-my-random-iv-for-aes-as-a-salt-for-pbkdf2
[2] https://github.com/rnapier/RNCryptor/blob/master/RNCryptor/RNEncryptor.m#L115
[3] http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Android-Crypto-API-sample-td5306.html
On Nov 6, 2013, at 4:24 PM, Bruno Oliveira <bruno at abstractj.org> wrote:
> Answers inline.
>
> Summers Pittman wrote:
>> Checking my thoughts (and hopefully spurring some discussion)
>>
>> A key (and thus salt) is unique per user.
>> An IV is unique per encrypted message.
> The key in our scenario is a composition of salt, IV, passphrase unique
> per user.
>
> Not by message.
>> In a key pair, the public key is transmitted to your recipients. The
>> private key is kept by the user.
>> With a symmetric key, both parties have the key or know how to generate
>> the key.
>> The same IV has to be present for a message to be reliably encrypted and
>> decrypted.
> Correct.
>> Now some questions:
>>
>> How is a PBKDF2 key transmitted so a message can be decrypted?
> For this release we don't have key exchange with the server, and making
> use of symmetric encryption for client/server is not ideal. But let's
> suppose you really want to do it:
>
> 1. Alice will generate the IV, salt and input the password
> 2. Alice sends the IV and salt to Bob
> 3. Bob receives the IV and salt and calls Alice saying "WTF lady, how
> could I decrypt it?"
> 4. Alice answers the phone call and says "hey, my password is: pineapple"
>
> Now both parties know how to decrypt the message. In this release we
> are laying the groundwork for the key exchange with the server in the
> next release; this is what KeyPair stands for.
>> In the case of client server how should the IV be generated/transmitted?
>
> The IV can be public information.
>
> Let me know if you have more questions.
>
> --
> abstractj
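The header approach discussed in this thread, as an added example that is not part of the original messages and is not AeroGear or RNCryptor code: a per-user salt and a fresh per-message IV are stored in the clear in front of the ciphertext, and only the passphrase stays secret. Node.js `crypto`, AES-256-GCM, the `salt || iv || tag || ciphertext` layout, the iteration count and all function names are assumptions of this example.

```javascript
// Added illustration: salt and IV travel in the clear in a message header,
// the passphrase never does. The header layout is constructed for this example.
const nodeCrypto = require('crypto');

const SALT_LEN = 16, IV_LEN = 12, TAG_LEN = 16;
const PBKDF2_ITERATIONS = 100000; // assumed work factor, tune per platform

// Derive a 256-bit AES key from the passphrase and a (public) salt.
function deriveKey(passphrase, salt) {
  return nodeCrypto.pbkdf2Sync(passphrase, salt, PBKDF2_ITERATIONS, 32, 'sha256');
}

// Encrypt one message. The salt may stay fixed per user; the IV is new on
// every call. Output: salt || iv || tag || ciphertext.
function encryptMessage(passphrase, salt, plaintext) {
  const iv = nodeCrypto.randomBytes(IV_LEN);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), body]);
}

// Decrypt using only the passphrase plus what the header carries.
function decryptMessage(passphrase, message) {
  const headerLen = SALT_LEN + IV_LEN + TAG_LEN;
  if (message.length < headerLen) throw new Error('message shorter than header');
  const salt = message.subarray(0, SALT_LEN);
  const iv = message.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const tag = message.subarray(SALT_LEN + IV_LEN, headerLen);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  decipher.setAuthTag(tag);
  // final() throws if the passphrase is wrong or any header/body byte changed.
  const plain = Buffer.concat([decipher.update(message.subarray(headerLen)), decipher.final()]);
  return plain.toString('utf8');
}

// Constructed sample: one per-user salt, the same plaintext encrypted twice.
const userSalt = nodeCrypto.randomBytes(SALT_LEN);
const first = encryptMessage('pineapple', userSalt, 'meet at noon');
const second = encryptMessage('pineapple', userSalt, 'meet at noon');
console.log('identical ciphertexts:', first.equals(second));
console.log('decrypted:', decryptMessage('pineapple', second));
```

Because the receiver reads salt and IV back out of the message itself, nothing besides the passphrase has to be stored or exchanged separately, whichever layer ends up owning the storage.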