Search Results

Search found 8 results on 1 pages for 'pbkdf2'.

Page 1/1 | 1 

  • PBKDF2-HMAC-SHA1

    - by Jason
    To generate a valid pairwise master key for a WPA2 network a router uses the PBKDF2-HMAC-SHA1 algorithm. I understand that the sha1 function is performed 4096 times to derive the PMK, however I have two questions about the process. Excuse the pseudo code. 1) How is the input to the first instance of the SHA1 function formatted? SHA1("network_name"+"network_name_length"+"network_password") Is it formatted in that order, is it the hex value of the network name, length and password or straight ASCII? Then from what I gather the 160 bit digest received is fed straight into another round of hashing without any additional salting. Like this: SHA1("160bit digest from last round of hashing") Rise and repeat. 2) Once this occurs 4096 times 256 bits of the output is used as the pairwise master key. What I don't understand is that if SHA1 produces 160bit output, how does the algorithm arrive at the 256bits required for a key? Thanks for the help.

    Read the article

  • Can I specify PBKDF2 rounds to use with LUKS/dm-crypt?

    - by Naftuli Tzvi Kay
    I have encrypted my root partition with dm-crypt/LUKS/cryptsetup on Ubuntu 12.04. Since it uses PBKDF2: Is it possible, during creation of the encrypted disk, to specify a custom amount of PBKDF2 iterations for key derivation? Is it possible, after the encrypted disk has already been created, to modify the amount of PBKDF2 iterations for key derivation? I'd like to make it a little harder to brute-force :)

    Read the article

  • Using MD5 to generate an encryption key from password?

    - by Charles
    I'm writing a simple program for file encryption. Mostly as an academic exercise but possibly for future serious use. All of the heavy lifting is done with third-party libraries, but putting the pieces together in a secure manner is still quite a challenge for the non-cryptographer. Basically, I've got just about everything working the way I think it should. I'm using 128-bit AES for the encryption with a 128-bit key length. I want users to be able to enter in variable-length passwords, so I decided to hash the password with MD5 and then use the hash as the key. I figured this was acceptable--the key is always supposed to be a secret, so there's no reason to worry about collision attacks. Now that I've implemented this, I ran across a couple articles indicating that this is a bad idea. My question is: why? If a good password is chosen, the cipher is supposed to be strong enough on its own to never reveal the key except via an extraordinary (read: currently infeasible) brute-force effort, right? Should I be using something like PBKDF2 to generate the key or is that just overkill for all but the most extreme cryptographic applications?

    Read the article

  • Implementing password hashing/salting algorithm from crackstation.net

    - by Mason240
    I am trying to implement a password hashing/salting algorithm from crackstation.net, but I am unsure how implement it. Storing the password upon user registration seems to be as simple as passing the password into create_hash(). $password = create_hash($_POST['Password']; I'm not following how to validate upon user login. validate_password($password, $good_hash) returns either true or false, and takes $password as parameter, so it seems like a no brainer except for the second parameter $good_hash. Where does this param come from? It is my understanding that password is turned into a hash value every time its used, and that the hash value is what is stored and compared. So why would I have both the $password and $good_hash values? Quick overview of the functions: function create_hash($password){ calls pbkdf2() } function validate_password($password, $good_hash){ calls pbkdf2() calls slow_equals() } function slow_equals($a, $b){ } function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false){ } Of course a different, better method for this would also be just as helpful. Thank you

    Read the article

  • What is an s2k algorithm?

    - by WilliamKF
    What is the definition of an s2k algorithm? For example, "PBKDF2(SHA-1)" is an s2k algorithm. Here is some Botan code that refers to s2k: AutoSeeded_RNG rng; std::auto_ptr<S2K> s2k(get_s2k("PBKDF2(SHA-1)")); s2k->set_iterations(8192); s2k->new_random_salt(rng, 8); SymmetricKey bc_key = s2k->derive_key(key_len, "BLK" + passphrase); InitializationVector iv = s2k->derive_key(iv_len, "IVL" + passphrase); SymmetricKey mac_key = s2k->derive_key(16, "MAC" + passphrase); Also, what is a 'salt' in s2k?

    Read the article

  • PHP Mcrypt - Encrypting / Decrypting file

    - by whitman6732
    Trying to write a couple of functions that will encrypt or decrypt a file and am using the class found here to try and accomplish this: http://www.itnewb.com/v/PHP-Encryption-Decryption-Using-the-MCrypt-Library-libmcrypt The encryption function below seems to work, in that it appears to encrypt the file and place it in the intended directory. I'm trying to decrypt the file now, and it just dies with the message "Failed to complete decryption" (which is coded in there...) There's nothing in the php error logs, so I'm not sure why it's failing, but as mcrypt is entirely new to me, I'm more than inclined to believe I'm doing something wrong here... Here are the functions: //ENCRYPT FILE function encryptFile() { global $cryptastic; $pass = PGPPASS; $salt = PGPSALT; $key = $cryptastic->pbkdf2($pass, $salt, 1000, 32) or die("Failed to generate secret key."); if ($handle = opendir(PATH.'/ftpd')) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != "..") { $newfile = PATH.'/encrypted/'.$file.'.txt'; $msg = file_get_contents(PATH.'/ftpd/'.$file); $encrypted = $cryptastic->encrypt($msg, $key) or die("Failed to complete encryption."); $nfile = fopen($newfile, 'w'); fwrite($nfile, $encrypted); fclose($nfile); unlink(PATH.'/ftpd/'.$file); } } closedir($handle); } //DECRYPT FILE function inFTP() { global $cryptastic; $pass = PGPPASS; $salt = PGPSALT; $key = $cryptastic->pbkdf2($pass, $salt, 1000, 32) or die("Failed to generate secret key."); if ($handle = opendir(PATH.'/encrypted')) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != "..") { $newfile = PATH.'/decrypted/'.$file; $msg = PATH.'/encrypted/'.$file; $decrypted = $cryptastic->decrypt($msg, $key) or die("Failed to complete decryption."); $nfile = fopen($newfile, 'w'); fwrite($nfile, $decrypted); fclose($nfile); //unlink(PATH.'/encrypted/'.$file); } } closedir($handle); } //$crypt->decrypt($file); }

    Read the article

  • WP: AesManaged encryption vs. mcrypt_encrypt

    - by invalidusername
    I'm trying to synchronize my encryption and decryption methods between C# and PHP but something seems to be going wrong. In the Windows Phone 7 SDK you can use AESManaged to encrypt your data I use the following method: public static string EncryptA(string dataToEncrypt, string password, string salt) { AesManaged aes = null; MemoryStream memoryStream = null; CryptoStream cryptoStream = null; try { //Generate a Key based on a Password, Salt and HMACSHA1 pseudo-random number generator Rfc2898DeriveBytes rfc2898 = new Rfc2898DeriveBytes(password, Encoding.UTF8.GetBytes(salt)); //Create AES algorithm with 256 bit key and 128-bit block size aes = new AesManaged(); aes.Key = rfc2898.GetBytes(aes.KeySize / 8); aes.IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; // rfc2898.GetBytes(aes.BlockSize / 8); // to check my results against those of PHP var blaat1 = Convert.ToBase64String(aes.Key); var blaat2 = Convert.ToBase64String(aes.IV); //Create Memory and Crypto Streams memoryStream = new MemoryStream(); cryptoStream = new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write); //Encrypt Data byte[] data = Encoding.Unicode.GetBytes(dataToEncrypt); cryptoStream.Write(data, 0, data.Length); cryptoStream.FlushFinalBlock(); //Return Base 64 String string result = Convert.ToBase64String(memoryStream.ToArray()); return result; } finally { if (cryptoStream != null) cryptoStream.Close(); if (memoryStream != null) memoryStream.Close(); if (aes != null) aes.Clear(); } } I solved the problem of generating the Key. The Key and IV are similar as those on the PHP end. But then the final step in the encryption is going wrong. here is my PHP code <?php function pbkdf2($p, $s, $c, $dk_len, $algo = 'sha1') { // experimentally determine h_len for the algorithm in question static $lengths; if (!isset($lengths[$algo])) { $lengths[$algo] = strlen(hash($algo, null, true)); } $h_len = $lengths[$algo]; if ($dk_len > (pow(2, 32) - 1) * $h_len) { return false; // derived key is too long } else { $l = ceil($dk_len / $h_len); // number of derived key blocks to compute $t = null; for ($i = 1; $i <= $l; $i++) { $f = $u = hash_hmac($algo, $s . pack('N', $i), $p, true); // first iterate for ($j = 1; $j < $c; $j++) { $f ^= ($u = hash_hmac($algo, $u, $p, true)); // xor each iterate } $t .= $f; // concatenate blocks of the derived key } return substr($t, 0, $dk_len); // return the derived key of correct length } } $password = 'test'; $salt = 'saltsalt'; $text = "texttoencrypt"; #$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); #echo $iv_size . '<br/>'; #$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); #print_r (mcrypt_list_algorithms()); $iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; $key = pbkdf2($password, $salt, 1000, 32); echo 'key: ' . base64_encode($key) . '<br/>'; echo 'iv: ' . base64_encode($iv) . '<br/>'; echo '<br/><br/>'; function addpadding($string, $blocksize = 32){ $len = strlen($string); $pad = $blocksize - ($len % $blocksize); $string .= str_repeat(chr($pad), $pad); return $string; } echo 'text: ' . $text . '<br/>'; echo 'text: ' . addpadding($text) . '<br/>'; // -- works till here $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $iv); echo '1.' . $crypttext . '<br/>'; $crypttext = base64_encode($crypttext); echo '2.' . $crypttext . '<br/>'; $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, addpadding($text), MCRYPT_MODE_CBC, $iv); echo '1.' . $crypttext . '<br/>'; $crypttext = base64_encode($crypttext); echo '2.' . $crypttext . '<br/>'; ?> So to point out, the Key and IV look similar on both .NET and PHP, but something seems to be going wrong in the final call when executing mcrypt_encrypt(). The end result, the encrypted string, differs from .NET. Can anybody tell me what i'm doing wrong. As far as i can see everything should be correct. Thank you! EDIT: Additional information on the AESManaged object in .NET Keysize = 256 Mode = CBC Padding = PKCS7

    Read the article

  • New ZFS Encryption features in Solaris 11.1

    - by darrenm
    Solaris 11.1 brings a few small but significant improvements to ZFS dataset encryption.  There is a new readonly property 'keychangedate' that shows that date and time of the last wrapping key change (basically the last time 'zfs key -c' was run on the dataset), this is similar to the 'rekeydate' property that shows the last time we added a new data encryption key. $ zfs get creation,keychangedate,rekeydate rpool/export/home/bob NAME PROPERTY VALUE SOURCE rpool/export/home/bob creation Mon Mar 21 11:05 2011 - rpool/export/home/bob keychangedate Fri Oct 26 11:50 2012 local rpool/export/home/bob rekeydate Tue Oct 30 9:53 2012 local The above example shows that we have changed both the wrapping key and added new data encryption keys since the filesystem was initially created.  If we haven't changed a wrapping key then it will be the same as the creation date.  It should be obvious but for filesystems that were created prior to Solaris 11.1 we don't have this data so it will be displayed as '-' instead. Another change that I made was to relax the restriction that the size of the wrapping key needed to match the size of the data encryption key (ie the size given in the encryption property).  In Solaris 11 Express and Solaris 11 if you set encryption=aes-256-ccm we required that the wrapping key be 256 bits in length.  This restriction was unnecessary and made it impossible to select encryption property values with key lengths 128 and 192 when the wrapping key was stored in the Oracle Key Manager.  This is because currently the Oracle Key Manager stores AES 256 bit keys only.  Now with Solaris 11.1 this restriciton has been removed. There is still one case were the wrapping key size and data encryption key size will always match and that is where they keysource property sets the format to be 'passphrase', since this is a key generated internally to libzfs and to preseve compatibility on upgrade from older releases the code will always generate a wrapping key (using PKCS#5 PBKDF2 as before) that matches the key length size of the encryption property. The pam_zfs_key module has been updated so that it allows you to specify encryption=off. There were also some bugs fixed including not attempting to load keys for datasets that are delegated to zones and some other fixes to error paths to ensure that we could support Zones On Shared Storage where all the datasets in the ZFS pool were encrypted that I discussed in my previous blog entry. If there are features you would like to see for ZFS encryption please let me know (direct email or comments on this blog are fine, or if you have a support contract having your support rep log an enhancement request).

    Read the article

1