Databases
StackOverflow2013
Postsdbo
PO
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    primarykey
    data
    text
    <p>It's good that you know CBC, as it is certainly better than using ECB mode encryption (although even better modes such as the authenticated modes GCM and EAX exist as well). I think there are several things that you should know about, so I'll explain them here.</p> <hr> <p>Keys and passwords are not the same. Normally you create a key used for symmetric encryption out of a password using a key derivation function. The most common one discussed here is PBKDF2 (password based key derivation function #2), which is used for PBE (password based encryption). This is defined in the latest, open PKCS#5 standard by RSA labs. Before entering the password need to check if the password is correctly translated into bytes (character encoding).</p> <p>The salt is used as another input of the key derivation function. It is used to prevent brute force attacks using "rainbow tables" where keys are pre-computed for specific passwords. Because of the salt, the attacker cannot use pre-computed values, as he cannot generate one for each salt. The salt should normally be 16 bytes (128 bits) or longer. It also ensures that identical passwords do not have the same derivation results.</p> <p>The output of the key derivation function is a secret of <code>dkLen</code> bytes, where <code>dkLen</code> is the length of the key to generate, in bytes. As an AES key does not contain anything other than these bytes, the AES key will be identical to the generated secret. <code>dkLen</code> should be 16, 24 or 32 bytes for the key lengths of AES: 128, 192 or 256 bits.</p> <hr> <p>OK, so now you finally have an AES key to use. However, if you simply encrypt each plain text block with this key, you will get identical result if the plain text blocks are identical. CBC mode gets around this by XOR'ing the next plain text block with the last encrypted block before doing the encryption. That last encrypted block is the "vector". This does not work for the first block, because there <em>is</em> no last encrypted block. This is why you need to specify the first vector: the "initialization vector" or IV.</p> <p>The block size of AES is 16 bytes <em>independent</em> of the key size. So the vectors, including the initialization vector, need to be 16 bytes as well. Now, if you only use the key to encrypt e.g. a single file, then the IV could simply contain 16 bytes with the value <code>00</code>h. This does not work for multiple files, because if the files contain the same text, you will be able to detect that the first part of the encrypted file is identical. This is why you need to specify a different IV for each encryption you perform with the key. It does not matter what it contains, as long as it is unique, 16 bytes and known to the application performing the decryption.</p> <p>Now there is one trick that might allow you to use all zero's for the IV all the time: for each plain text you encrypt using AES-CBC, you could calculate a key using the same password but a different salt. In that case, you will only use the resulting key for a single piece of information. This might be a good idea if you cannot provide an IV for a library implementing password based encryption. It's CPU unfriendly however: the PBKDF2 function is deliberately CPU unfriendly.</p> <hr> <p>IV's and salts are completely separate terms, although often confused. In your question, you also confuse bits and bytes, key size and block size and rainbow tables with MD5 tables (nobody said crypto is easy). One thing is certain: in cryptography it pays to be as secure as possible; redundant security is generally not a problem, unless you really (really) cannot afford the extra resources.</p> <hr> <p>When you understand how this all works, I would seriously you to find a library that performs PBE encryption. You might just need to feed this the password, salt, plain data and - if separately configured- the IV.</p>
    singulars
    1. This table or related slice is empty.
    1. POKey salt and initial value AES
      singulars
      1. PTQuestion
    1. PTAnswer
    1. USMaarten Bodewes
    1. USMaarten Bodewes
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. POKey salt and initial value AES
      singulars
      1. PTQuestion
    1. This table or related slice is empty.
    1. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTAcceptedByOriginator
    2. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    3. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    1. COI have by this point come to understand AES encryption, so your answer was a bit lengthy. If I confused any terms it only out of lazyness/vaugeness of expression. I have come to agree about redundant security and will use the salt.
      singulars
      1. PO
      1. USuser1122069
    2. COIt had to be lengthy because there were several issues to deal with in your question, and I cannot see into peoples minds. Futhermore, it may help others with similar questions. And I type > 300 chars a minute anyway (on good days).
      singulars
      1. PO
      1. USMaarten Bodewes
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload