Bitcoin Forum
Author Topic: AES difference between a key and password  (Read 6500 times)
Nefario
May 11, 2011, 03:35:16 PM
 #1

I'm looking at some Javascript AES, one of the things it will need to do is decrypt AES256 with password protection. In all the libraries I've been looking at they only look for the key.

So what do?

What is the difference between the key and a password? Both are used in the same way right?

Is there a way to generate the key from the password (is it a hash of the password)?

PGP key id at pgp.mit.edu 0xA68F4B7C

To get help and support for GLBSE please email support@glbse.com
Matt Corallo
May 11, 2011, 03:44:19 PM
 #2

An AES key is what is actually used to do the encryption.  Somehow you have to arrive at such a key.  Many libraries use some kind of key derivation function to create such a key from a password.  There are several standards for key derivation and most have more parameters (like number of rounds and/or a salt).

Bitcoin Ubuntu PPA maintainer - donate to me personally: 1JBMattRztKDF2KRS3vhjJXA7h47NEsn2c
http://bitcoinrelaynetwork.org maintainer
PGP ID: 07DF 3E57 A548 CCFB 7530  7091 89BB B866 3E2E65CE
Nefario
May 12, 2011, 02:34:22 PM
 #3

Quote
An AES key is what is actually used to do the encryption.  Somehow you have to arrive at such a key.  Many libraries use some kind of key derivation function to create such a key from a password.  There are several standards for key derivation and most have more parameters (like number of rounds and/or a salt).

Much obliged.

theymos
May 12, 2011, 04:59:30 PM
 #4

AES-256 needs a key of exactly 256 bits (128 bits for AES-128, etc.), so you often need to lengthen the password. It's also good to make a key of random bits instead of just ASCII text. So you hash the password with SHA-128/192/256, get 128/192/256 bits of "random" data, and use that as the key. Salting prevents the use of rainbow tables, and using multiple hash iterations slows down brute force attacks against the password.

If your password is somehow already exactly key size bits of random data, then you can use that as the key directly. One example of where this is useful is when you're encrypting a swap partition on Linux: the key can come directly from /dev/urandom, since no one needs to know it.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Nefario
May 13, 2011, 02:25:36 AM
 #5

Thanks for the reply, the above information has been very useful, and has pointed me to the solution. I want to decrypt some RSA keys that have been encrypted with Python's m2crypto with AES-256.

Actually opening up the encrypted key you see this as the header.
Quote
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,ADAFE9CF9B976204E7F431458B7B80E2

DEK-Info is the important part. The first argument is the encryption algorithm used, the second argument is the salt.

The password is then passed with the salt to PBKDF2 (Password-Based Key Derivation Function) which is what makes the actual key used to encrypt the keypair.
