menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Cryptography News

>

AES Encryp...
source image

Medium

4d

read

397

img
dot

AES Encryption Keys (password hashing)

  • AES Encryption Keys (password hashing) relies on a password of sufficient length and the non deterministic factor of indistinguishable random data. However, passwords as user inputs do not make for good encryption keys. To use passwords for encryption, a key derivation function must be applied which generates derived keys. Key derivation functions work by utilizing unique random salt to make pre-calculated rainbow tables infeasible. Furthermore, the salt should be stored with the password to ensure it is public, thus rendering the hash with the same password looking different. Weak keys refer to cryptographically secure generated keys, which makes an encryption algorithm vulnerable to an exploit.
  • For good encryption keys, a minimum length, determined by the AES encryption algorithm, is required. AES+CBC encryption necessitates a minimum length of 16 bytes, while AES+GCM can work with 12 bytes, although 16 bytes is suggested. To use passwords for encryption, a Key Derivation Function (KDF) is required to generate derived keys like argon2, bcrypt, and scrypt. Key derivation functions must be slow and some like argon2 are designed to take up a substantial amount of memory such that calculations on GPUs are not possible, to deter brute force attacks against offline stolen data.
  • Argon2 is considered the best KDF to use for password key derivation, with Argon2id being its most secure mode. Unfortunately, allot of encryption starts with user-supplied passwords, which are not random inputs of sufficient length making them 'easily' guessed by a bruteforce attack. To protect passwords from such attacks, the password's hash must not be stored and must be encrypted with the hash itself. Although offline bruteforce attacks on remote login systems are improbable, offline attacks on stolen data can be quite effective.
  • Weak keys, although generally not a concern in AES encryption, can pose a problem in the AES+GCM mode, which has several published papers on weak keys and can make the encryption algorithm vulnerable to an exploit. Ultimately, the GCM mode would best be used for anything with short-lived keys and not for disk encryption where keys and ciphers live longer. Another noteworthy point is that although salts are not secret and are public, they make pre-calculated rainbow tables infeasible and as such the salt should be stored with the password.
  • In conclusion, the use of derived keys in KDFs is a more secure way to encrypt data since passwords as user inputs do not make for good keys. However, even with a decent hashing algorithm and a random unique salt, it is still a possibility that your hash and salt may be exposed. As such, unique and strong passwords are recommended to prevent such password cracking attempts.

Read Full Article

like

23 Likes

For uninterrupted reading, download the app