Collaborate Disseminate
I’m using a KDF (PBKDF2HMAC) to generate a Fernet key from a given password, but to do so I also need to generate and store a salt.
import base64
import os
from cryptography.fernet import Fernet
from cryptography.hazmat.ba… Continue reading Can a salt be a random ASCII string or be derived from one?
Just wanted to know if this was an accurate way of determining how long it would take someone with an 8GB GPU to derive 1 million keys using some assumed parameters below:
Time per derivation………..: 3.5 seconds
Memory required per de… Continue reading Argon2id key derivation rate calculation question
My app needs to work with encrypted user files on their devices. It should keep the data secret when someone gets hold of the device. For this, I’m thinking about the following schema (which may be wrong, and that’s why I’m a… Continue reading File encryption allowing changing password
According to the Wikipedia page for key derivation functions, a KDF’s purpose is to derive a secret key for cryptography:
In cryptography, a key derivation function (KDF) derives one or more secret keys from a secret valu… Continue reading Why are KDFs slow? Is using a KDF more secure than using the original secret?
I’m developing an application which will need to derive a private/public key pair from a user provided password, and then use the public key to encrypt some text (up to 1000 characters in length) such that it can only be decr… Continue reading Most secure algorithms for KDF and Public Key Encryption
I am currently writing an application which needs to store user data encrypted in the database. One of the requirements is that some of the data stored in the database needs to be encrypted in a way that we (the database administrators, wi… Continue reading How to encrypt user data in app using Google Sign-In
A popular zero-knowledge file sharing site uses a 128-bit master key for encryption.
However, they claim to be using AES256. When questioned, they explained the master key is widened using PBKDF2 and random salt to 256-bits… Continue reading AES256 with 128 bit key
Context
We have a browser-based client-server application. The client registers with email and password. The password is enforced to some guidelines.
Problem
The User needs an encrypted vault on the server to store cryptog… Continue reading Deriving 2 keys from user password – one for login – one for encryption?
Suppose you use a password manager having all possible features of modern password managers: encryption with a key derived from your master password, auto-filling, cloud or local storage, browser extension, web and local appl… Continue reading How to choose between password derivation or encryption?
Suppose you use a password manager having all possible features of modern password managers: encryption with a key derived from your master password, auto-filling, cloud or local storage, browser extension, web and local appl… Continue reading How to choose between password derivation or encryption?