I just need to verify whether the password is correct. Fault tolerant design prevents security breaches by keeping your systems online and by ensuring they are well-designed. I don't need to verify integrity of the password AND the encrypted file (or, in cryptographical terms, key and the message). I am not very good at understanding HMAC, but I think that in this case HMAC would not be used for what it was designed. Fault tolerant approach for data encryption and digital signature based on ECC system. This does not meet condition A, because all good key derivation functions should deliberately use excessive CPU/memory resources.
Fault tolerant encrypto software#
Then the attacker can write proprietary software which will be able to perform dictionary attack agains files encrypted with my software using our own hash-generating algorithm. I suspect this won't help at all since we know that the attacker has access to the source code - so the attacker will always be able to generate salt for the given password and, hence, generate the hash. The initial seed of the PRNG is derived from the password.
Fault tolerant encrypto generator#
Salt is going to be generated using pseudo-random number generator (PRNG). Probably not a good idea because of risk of precomputed dictionary attacks. Here are possible options that I was thinking about and my commentary to them: My question is - what kind of signature should I use so the security is not compromised? privacy) untrusted, possibly distributed key. The one and only thing that the attacker does NOT have is password. Our protocol roughly works as follows: We use homomorphic encryption for aggregation and employ an (w.r.t. I assume that a theoretical attacker has complete source code of my software. If we encrypt the same plaintext file twice with the same password, the header and encrypted text must not be the same. Risk of using weak/guessable password is NOT present as we declare in advance that only secure, long, random passwords are going to be used for encryption.ī. Password checking must be as fast as possible and it should not require excessive CPU/memory resources. There are several condition that must be met:Ī. For that purpose encrypted file contains header (which I would like to keep as small as possible), where some signature derived from password is going to be stored. When decrypting data, I want to be able to check whether supplied password is correct. During encryption phase data wil be compressed and encrypted. I am developing a software to encrypt/decrypt files/streams using symmetrical encryption algorithm.
0 kommentar(er)
