StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POWhich procedure is more secure for encryption using Password and Seed
primarykey
Id
6112867
data
AcceptedAnswerId
6115028
AnswerCount
2
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2011-05-24T15:26:10.790
FavoriteCount
1
LastActivityDate
2011-05-24T18:24:00.800
LastEditDate
LastEditorUserId
0
OwnerUserId
767871
ParentId
0
PostTypeId
1
Score
4
ViewCount
2282
LastEditorDisplayName
text
Body
I am designing a procedure and file format for the encryption application. I came to a point when I need to make a decision regarding the method/workflow of the encryption. I can't make up my mind on pros vs cons of using one approach over another. Below is an overview of the format structure: <pre> ------------------------------------------ | File signature || fixed | plain | |----------------||----------|-----------| | Algorithm info || fixed | plain | |----------------||----------|-----------| | Seed || fixed | encrypted | |----------------||----------|-----------| | Data || variable | encrypted | |----------------||----------|-----------| | CRC || fixed | encrypted | ------------------------------------------ </pre> Initially, I am going to use SHA-256 for a Hash function and AES-256 for an Encryption algorithm, but later it will be configurable, as the format suggests. Proposed procedure for creating encrypted container: <ol> <li>Hash(Password) => Key-Pass</li> <li>Generate random Seed</li> <li>Key-Pass XOR Seed => Key-Seeded</li> <li>Encrypt Seed with Key-Pass and store encrypted Seed</li> <li>Encrypt Data with Key-Seeded and store encrypted Data</li> <li>Encrypt CRC with Key-Seeded and store encrypted CRC</li> </ol> <h3>Questions</h3> A. Do I gain anything from storing encrypted Seed and CRC? Would it be less secure if I store them not encrypted? B. Is it more or less or no difference in security of using [ Hash(Password + Seed) ] for key generation rather than prosed [ Hash(Password) XOR Seed ] for the final key? C. A concluding question from two questions above. Would it be better or worse to use the alternative procedure for creating encrypted container: <ol> <li>Hash(Password + Seed) => Key</li> <li>Store unencrypted Seed</li> <li>Encrypt Data with Key and store encrypted Data</li> <li>Store unencrypted CRC (or encrypted)</li> </ol> I guess I would have to store unencrypted Seed in order to regenerate Key on reading back the encrypted content. CRC can be either encrypted or unencrypted.
Tags
<security><encryption><hash><cryptography><seed>
Title
Which procedure is more secure for encryption using Password and Seed
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USdezlov
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POWhich procedure is more secure for encryption using Password and Seed
 UserUserId
 USMarcin
 VoteTypeVoteTypeId
 VTFavorite
2. VO
 singulars
 PostPostId
 POWhich procedure is more secure for encryption using Password and Seed
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 POWhich procedure is more secure for encryption using Password and Seed
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.