Smalltalk › Squeak › Squeak - Dev

FFI blowfish for encrypting / decrypting [WAS] Re: [Pharo-dev] How to encrypt a password?

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

10 messages Options

Mariano Martinez Peck

FFI blowfish for encrypting / decrypting [WAS] Re: [Pharo-dev] How to encrypt a password?

On Thu, Nov 21, 2013 at 3:53 PM, Paul DeBruicker <[hidden email]> wrote:

Mariano Martinez Peck wrote

> Hi Paul, and just to be sure I understand...none of them could work as a
> two-way encryption, right?
> The only one is your Pharo's version of Blowfish but that only works with
> 8
> chars long. Is it like this? Or is there any other two-way encryption?
>
> Thanks!
>

> --
> Mariano
> http://marianopeck.wordpress.com

Yes that's right. The PasswordHashingFFI stuff is all one way encryption.
Blowfish is two way, and the current implementation only works for 8 byte
chunks. I stopped working on it when the Smalltalk bcrypt implementation I
wanted proved to be 5000x times slower than the FFI version. Someone needs
to add the CBC part to Blowfish to encrypt longer strings. I do not know of
another in image two way encryption scheme, but there may be something in
the Cryptography repo. I'm not sure.

Hi Paul,

Sorry for the cross posting.

I was using the Smalltalk version of the Blowfish you did to encrypt and decrypt things. But now I realize it is very very slow for the usage I need. You seem to have faced the same problem.

I am encrypting pieces of 8 characters long. But I wonder if the decryption is available as well in FFI version? I see #ffiCrypt:with: but nothing to decrypt...

Thanks in advance

--
Mariano
http://marianopeck.wordpress.com

Ron Teitelbaum

RE: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

Hi Mariano,

Before I give you an answer, you should never ever ever not even for any reason, ever, did I mention ever, store a user’s password. You can hash a password, which means you store the hash value of the password. You can make it more secure by salting the hash or embedding your own key to the hash, or doing a number of other things. But you should always store an encrypted hash and never a recoverable password. The way this works is that your user knows the password and can generate a hash at any time that you can compare. You store the hash of the password to compare. The reason for this should be obvious. You don’t want anyone to have access to that password. Not even programmers. Your program doesn’t need it either since the user can generate that hash for you at any time. It really is all you ever need to store.

If you are looking for a simple cypher for something other than a password how about ARC4 from www.squeaksrouce.com/Cryptography

|key cText pText|

key := SecureRandom picker nextBits: 254.

cText := (ARC4 new key: key) encrypt: 'This is a very secure but meaningless string' asByteArray.

pText := (ARC4 new key: key) decrypt: cText.

^pText asString

'This is a very secure but meaningless string'

It’s pretty simple. To get the plainText back all you need is the key.

All the best,

Ron Teitelbaum

From: Pharo-dev [mailto:[hidden email]] On Behalf Of Mariano Martinez Peck
Sent: Monday, February 17, 2014 4:17 PM
To: Pharo Development List; [hidden email]; The general-purpose Squeak developers list
Subject: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

On Thu, Nov 21, 2013 at 3:53 PM, Paul DeBruicker <[hidden email]> wrote:

Mariano Martinez Peck wrote

> Hi Paul, and just to be sure I understand...none of them could work as a
> two-way encryption, right?
> The only one is your Pharo's version of Blowfish but that only works with
> 8
> chars long. Is it like this? Or is there any other two-way encryption?
>
> Thanks!
>

> --
> Mariano
> http://marianopeck.wordpress.com

Yes that's right. The PasswordHashingFFI stuff is all one way encryption.
Blowfish is two way, and the current implementation only works for 8 byte
chunks. I stopped working on it when the Smalltalk bcrypt implementation I
wanted proved to be 5000x times slower than the FFI version. Someone needs
to add the CBC part to Blowfish to encrypt longer strings. I do not know of
another in image two way encryption scheme, but there may be something in
the Cryptography repo. I'm not sure.

Hi Paul,

Sorry for the cross posting.

I was using the Smalltalk version of the Blowfish you did to encrypt and decrypt things. But now I realize it is very very slow for the usage I need. You seem to have faced the same problem.

I am encrypting pieces of 8 characters long. But I wonder if the decryption is available as well in FFI version? I see #ffiCrypt:with: but nothing to decrypt...

Thanks in advance

--
Mariano
http://marianopeck.wordpress.com

Paul DeBruicker

Re: FFI blowfish for encrypting / decrypting [WAS] Re: [Pharo-dev] How to encrypt a password?

In reply to this post by Mariano Martinez Peck

Hi Mariano,

No you can't decrypt it using the FFI library I've posted. You can just encrypt things and do a constant time string comparison.

BCrypt takes your unencrypted string and runs it through Blowfish many times based on the work factor specified. Right now the recommendation is to run it through 2^12 times. That will go up in the future as computers get faster. There's password hashing, which that library does, and 2 way encryption which is what you're asking for to store your db password more securely than plain text.

Did you try Pierce Ng's password splitting library? Its here:

http://samadhiweb.com/tags/secret%20splitting

Hope this helps

Paul

Mariano Martinez Peck wrote

On Thu, Nov 21, 2013 at 3:53 PM, Paul DeBruicker <[hidden email]> wrote:

> Mariano Martinez Peck wrote
> > Hi Paul, and just to be sure I understand...none of them could work as a
> > two-way encryption, right?
> > The only one is your Pharo's version of Blowfish but that only works with
> > 8
> > chars long. Is it like this? Or is there any other two-way encryption?
> >
> > Thanks!
> >
> > --
> > Mariano
> > http://marianopeck.wordpress.com
>
>
> Yes that's right. The PasswordHashingFFI stuff is all one way encryption.
> Blowfish is two way, and the current implementation only works for 8 byte
> chunks. I stopped working on it when the Smalltalk bcrypt implementation I
> wanted proved to be 5000x times slower than the FFI version. Someone needs
> to add the CBC part to Blowfish to encrypt longer strings. I do not know
> of
> another in image two way encryption scheme, but there may be something in
> the Cryptography repo. I'm not sure.
>
>
>
Hi Paul,

Sorry for the cross posting.

I was using the Smalltalk version of the Blowfish you did to encrypt and
decrypt things. But now I realize it is very very slow for the usage I
need. You seem to have faced the same problem.

I am encrypting pieces of 8 characters long. But I wonder if the
*decryption* is available as well in FFI version? I see #ffiCrypt:with:
but nothing to decrypt...

Thanks in advance

--
Mariano
http://marianopeck.wordpress.com

Mariano Martinez Peck

Re: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

In reply to this post by Ron Teitelbaum

On Mon, Feb 17, 2014 at 7:25 PM, Ron Teitelbaum <[hidden email]> wrote:

Hi Mariano,

Before I give you an answer, you should never ever ever not even for any reason, ever, did I mention ever, store a user’s password. You can hash a password, which means you store the hash value of the password. You can make it more secure by salting the hash or embedding your own key to the hash, or doing a number of other things. But you should always store an encrypted hash and never a recoverable password. The way this works is that your user knows the password and can generate a hash at any time that you can compare. You store the hash of the password to compare. The reason for this should be obvious. You don’t want anyone to have access to that password. Not even programmers. Your program doesn’t need it either since the user can generate that hash for you at any time. It really is all you ever need to store.

Hi Ron,

Thanks for the advice. I have been warned about this in the past so I am NOT using this for storing passwords. Instead, there are instVars from certain objects that are "password protected" because they represent some sensible data. So these fields need to be encrypted/decrypted. The user needs to supply a password for editing/viewing them. These fields were encrypted/decrypted with Blowfish. And the key for the blowfish is the " SecureHashAlgorithm new hashMessage: aString" of the password used to protect them...

Anyway.... I do need encrypt/decrypt and it should be fast. I have just tried ARC4 and seems to be fast. I have a few questions:

- If I make the ARC4 key larger is it likely to be safer?

- How does ARC4 compare to blowfish from security point of view? Is blowfish much more secure or not that much?

Thanks in advance!

If you are looking for a simple cypher for something other than a password how about ARC4 from www.squeaksrouce.com/Cryptography

|key cText pText|

key := SecureRandom picker nextBits: 254.
cText := (ARC4 new key: key) encrypt: 'This is a very secure but meaningless string' asByteArray.

pText := (ARC4 new key: key) decrypt: cText.
^pText asString

'This is a very secure but meaningless string'

It’s pretty simple. To get the plainText back all you need is the key.

All the best,

Ron Teitelbaum

From: Pharo-dev [mailto:[hidden email]] On Behalf Of Mariano Martinez Peck
Sent: Monday, February 17, 2014 4:17 PM
To: Pharo Development List; [hidden email]; The general-purpose Squeak developers list
Subject: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

On Thu, Nov 21, 2013 at 3:53 PM, Paul DeBruicker <[hidden email]> wrote:
Mariano Martinez Peck wrote
> Hi Paul, and just to be sure I understand...none of them could work as a
> two-way encryption, right?
> The only one is your Pharo's version of Blowfish but that only works with
> 8
> chars long. Is it like this? Or is there any other two-way encryption?
>
> Thanks!
>
> --
> Mariano
> http://marianopeck.wordpress.com

Yes that's right. The PasswordHashingFFI stuff is all one way encryption.
Blowfish is two way, and the current implementation only works for 8 byte
chunks. I stopped working on it when the Smalltalk bcrypt implementation I
wanted proved to be 5000x times slower than the FFI version. Someone needs
to add the CBC part to Blowfish to encrypt longer strings. I do not know of
another in image two way encryption scheme, but there may be something in
the Cryptography repo. I'm not sure.

Hi Paul,

Sorry for the cross posting.

I was using the Smalltalk version of the Blowfish you did to encrypt and decrypt things. But now I realize it is very very slow for the usage I need. You seem to have faced the same problem.

I am encrypting pieces of 8 characters long. But I wonder if the decryption is available as well in FFI version? I see #ffiCrypt:with: but nothing to decrypt...

Thanks in advance

--
Mariano
http://marianopeck.wordpress.com

--
Mariano
http://marianopeck.wordpress.com

Mariano Martinez Peck

Re: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

On Mon, Feb 17, 2014 at 10:15 PM, Mariano Martinez Peck <[hidden email]> wrote:

On Mon, Feb 17, 2014 at 7:25 PM, Ron Teitelbaum <[hidden email]> wrote:

Hi Mariano,

Before I give you an answer, you should never ever ever not even for any reason, ever, did I mention ever, store a user’s password. You can hash a password, which means you store the hash value of the password. You can make it more secure by salting the hash or embedding your own key to the hash, or doing a number of other things. But you should always store an encrypted hash and never a recoverable password. The way this works is that your user knows the password and can generate a hash at any time that you can compare. You store the hash of the password to compare. The reason for this should be obvious. You don’t want anyone to have access to that password. Not even programmers. Your program doesn’t need it either since the user can generate that hash for you at any time. It really is all you ever need to store.

Hi Ron,

Thanks for the advice. I have been warned about this in the past so I am NOT using this for storing passwords. Instead, there are instVars from certain objects that are "password protected" because they represent some sensible data. So these fields need to be encrypted/decrypted. The user needs to supply a password for editing/viewing them. These fields were encrypted/decrypted with Blowfish. And the key for the blowfish is the " SecureHashAlgorithm new hashMessage: aString" of the password used to protect them...

Anyway.... I do need encrypt/decrypt and it should be fast. I have just tried ARC4 and seems to be fast. I have a few questions:

- If I make the ARC4 key larger is it likely to be safer?

- How does ARC4 compare to blowfish from security point of view? Is blowfish much more secure or not that much?

mmm reading a bit more I would say ARC4 may not be the most accurate for my case. Why? Because I may have many fields from many objects all being protected with the same password (hence, same key for the ARC4). This may affect ARC4 security, right? And even more that key is not a random stream but a fixed one (the " SecureHashAlgorithm new hashMessage: aString" of the password they are protected with)....

Thanks,

Thanks in advance!

If you are looking for a simple cypher for something other than a password how about ARC4 from www.squeaksrouce.com/Cryptography

|key cText pText|

key := SecureRandom picker nextBits: 254.
cText := (ARC4 new key: key) encrypt: 'This is a very secure but meaningless string' asByteArray.

pText := (ARC4 new key: key) decrypt: cText.
^pText asString

'This is a very secure but meaningless string'

It’s pretty simple. To get the plainText back all you need is the key.

All the best,

Ron Teitelbaum

From: Pharo-dev [mailto:[hidden email]] On Behalf Of Mariano Martinez Peck
Sent: Monday, February 17, 2014 4:17 PM
To: Pharo Development List; [hidden email]; The general-purpose Squeak developers list
Subject: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

On Thu, Nov 21, 2013 at 3:53 PM, Paul DeBruicker <[hidden email]> wrote:
Mariano Martinez Peck wrote
> Hi Paul, and just to be sure I understand...none of them could work as a
> two-way encryption, right?
> The only one is your Pharo's version of Blowfish but that only works with
> 8
> chars long. Is it like this? Or is there any other two-way encryption?
>
> Thanks!
>
> --
> Mariano
> http://marianopeck.wordpress.com

Yes that's right. The PasswordHashingFFI stuff is all one way encryption.
Blowfish is two way, and the current implementation only works for 8 byte
chunks. I stopped working on it when the Smalltalk bcrypt implementation I
wanted proved to be 5000x times slower than the FFI version. Someone needs
to add the CBC part to Blowfish to encrypt longer strings. I do not know of
another in image two way encryption scheme, but there may be something in
the Cryptography repo. I'm not sure.

Hi Paul,

Sorry for the cross posting.

I was using the Smalltalk version of the Blowfish you did to encrypt and decrypt things. But now I realize it is very very slow for the usage I need. You seem to have faced the same problem.

I am encrypting pieces of 8 characters long. But I wonder if the decryption is available as well in FFI version? I see #ffiCrypt:with: but nothing to decrypt...

Thanks in advance

--
Mariano
http://marianopeck.wordpress.com

--
Mariano
http://marianopeck.wordpress.com

--
Mariano
http://marianopeck.wordpress.com

mkobetic

Re: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

In reply to this post by Mariano Martinez Peck

"Mariano Martinez Peck"<[hidden email]> wrote:

> > Anyway.... I do need encrypt/decrypt and it should be fast. I have just
> > tried ARC4 and seems to be fast. I have a few questions:
> >
> > - If I make the ARC4 key larger is it likely to be safer?
> > - How does ARC4 compare to blowfish from security point of view? Is
> > blowfish much more secure or not that much?
> >
> >
>
> mmm reading a bit more I would say ARC4 may not be the most accurate for my
> case. Why? Because I may have many fields from many objects all being
> protected with the same password (hence, same key for the ARC4). This may
> affect ARC4 security, right? And even more that key is not a random stream
> but a fixed one (the " SecureHashAlgorithm new hashMessage: aString" of
> the password they are protected with)....

With stream ciphers (or block cipher in modes that emulate a stream cipher, e.g. OFB, CTR) you absolutely must not reuse the same key to encrypt different data (http://en.wikipedia.org/wiki/Stream_cipher_attack). You could try to devise a way to avoid re-using the exact same key, e.g. generate the encryption key by mixing in a unique id of the field that you're encrypting along with the password, but unless you really know what you're doing, it's quite easy to make a fatal mistake in your design. Best way to do this is to stick with standard solutions. You're trying to use passwords for encryption, so your standard options would be PKCS#5, bcrypt or scrypt.

HTH,

Martin

Ron Teitelbaum

Re: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

In reply to this post by Mariano Martinez Peck

From: Mariano Martinez Peck

On Mon, Feb 17, 2014 at 7:25 PM, Ron Teitelbaum <[hidden email]> wrote:

Hi Mariano,

Hi Ron,

Anyway.... I do need encrypt/decrypt and it should be fast. I have just tried ARC4 and seems to be fast. I have a few questions:

- If I make the ARC4 key larger is it likely to be safer?

Safer depends mostly on how you use store the key and how you transfer secrets. I gave you the largest key for ARC4 so making it larger is not really an option. Oops Sorry no I didn’t (this is a good example of why crypto needs to be simple to be used properly!) use nextBytes: not nextBits for a larger key. You may want to use a 40 bit key, see below.

Some of the things you need to do are salt your data. This allows you to store a different value each and every time the data in encrypted even if the data itself doesn’t change. Never send the key in the open, it should also be encrypted (so that the same network packets sent again never open any locks).

How you store the key is important, but only as important as your security profile. For example if you wanted to protect the data against governments, you are out of luck. If you wanted to protect your data against large powerful actors, then you would need to store your password in memory only, and change it a multiple times a second (by re-salting and encrypting). If the program is tampered with or shuts down all the data is permanently lost in memory. You could have a master key (stored offline) to recover from disk. Now that is an extreme example, but you have to keep in mind that your program is only as good as your key storage. If you can store your key offline and start your system with it, then salt and stretch it for regular operations, you are pretty secure. If you just add your key to an ivar on a class running in smalltalk, you are probably not very secure. Your security profile will probably be in between the extremes but it is definitely worth thinking about. Two way auth is also a good way to go (like google authenticator). I personally like SAML. It allows you to handle authentication externally and your program doesn’t need to handle secrets. AD is also another way to add good security to your system without having to throw the solution all yourself.

- How does ARC4 compare to blowfish from security point of view? Is blowfish much more secure or not that much?

If you really care about the cipher use Rijndael instead. That is our implementation of AES. Blowfish was a contender for AES but was not picked. It’s a very good program but it’s not as well reviewed as AES. When AES was selected it of course went through a huge amount of review. It also is the current back bone of SSL (TLS).

RC2 is best if you plan to export your security code (use 40 bit key size). It is also vulnerable to some attacks but it’s still good for most uses (which is why it’s a good choice for export). Governments like encryption they can break.

If you can use approved software instead writing your own, you are much better off. Using cryptography is not the same thing as implementing it. Implementing it requires government restrictions, registration, and regulations.

Hope that helps and doesn’t scare you off. Cryptography is really fun, and very cool. Just be careful to follow the rules and do things properly.

Thanks in advance!

If you are looking for a simple cypher for something other than a password how about ARC4 from www.squeaksrouce.com/Cryptography

|key cText pText|
key := SecureRandom picker nextBits: 254.
cText := (ARC4 new key: key) encrypt: 'This is a very secure but meaningless string' asByteArray.
pText := (ARC4 new key: key) decrypt: cText.
^pText asString
'This is a very secure but meaningless string'

It’s pretty simple. To get the plainText back all you need is the key.

All the best,

Ron Teitelbaum

From: Pharo-dev [mailto:[hidden email]] On Behalf Of Mariano Martinez Peck
Sent: Monday, February 17, 2014 4:17 PM
To: Pharo Development List; [hidden email]; The general-purpose Squeak developers list
Subject: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

On Thu, Nov 21, 2013 at 3:53 PM, Paul DeBruicker <[hidden email]> wrote:
Mariano Martinez Peck wrote
> Hi Paul, and just to be sure I understand...none of them could work as a
> two-way encryption, right?
> The only one is your Pharo's version of Blowfish but that only works with
> 8
> chars long. Is it like this? Or is there any other two-way encryption?
>
> Thanks!
>
> --
> Mariano
> http://marianopeck.wordpress.com

Yes that's right. The PasswordHashingFFI stuff is all one way encryption.
Blowfish is two way, and the current implementation only works for 8 byte
chunks. I stopped working on it when the Smalltalk bcrypt implementation I
wanted proved to be 5000x times slower than the FFI version. Someone needs
to add the CBC part to Blowfish to encrypt longer strings. I do not know of
another in image two way encryption scheme, but there may be something in
the Cryptography repo. I'm not sure.

Hi Paul,

Sorry for the cross posting.

I was using the Smalltalk version of the Blowfish you did to encrypt and decrypt things. But now I realize it is very very slow for the usage I need. You seem to have faced the same problem.

I am encrypting pieces of 8 characters long. But I wonder if the decryption is available as well in FFI version? I see #ffiCrypt:with: but nothing to decrypt...

Thanks in advance

--
Mariano
http://marianopeck.wordpress.com

--
Mariano
http://marianopeck.wordpress.com

Ron Teitelbaum

Re: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

In reply to this post by Mariano Martinez Peck

From: Mariano Martinez Peck

On Mon, Feb 17, 2014 at 10:15 PM, Mariano Martinez Peck <[hidden email]> wrote:

On Mon, Feb 17, 2014 at 7:25 PM, Ron Teitelbaum <[hidden email]> wrote:

Hi Mariano,

Hi Ron,

Anyway.... I do need encrypt/decrypt and it should be fast. I have just tried ARC4 and seems to be fast. I have a few questions:

- If I make the ARC4 key larger is it likely to be safer?

- How does ARC4 compare to blowfish from security point of view? Is blowfish much more secure or not that much?

The key needs to be random. You should have a separate key for every type of data you store. If it is customer data then for each customer etc.

There is a certificate solution you might consider. Using public and private keys would solve your problem. You encrypt data with the users public key and store it. They can retrieve the data with their private key. Data still needs to be encrypted in transit (TLS) but you eliminate the need to protect the keys. Platforms have a good way to do that already. The problem of course is that if the user loses their private key (computer crash or something) the data is securely lost. (lost until the time runs out. All encrypted data has a shelf life. Until the encryption is eventually broken or computing gets so fast the key length is too short to keep it secret).

The best way to accomplish this is to store the key itself encrypted with the users public key. Then you salt and store your data using that key with AES. You send the data to the user (using TLS) along with the key and they decrypt the AES key (using their certificate private key) then decrypt the data with that key using AES.

One thing that might be obvious now is that you are basically implementing SSL to be used over SSL. J

You could also consider using a database with security built in. Then you could use the db security to handle all of this for you.

All the best,

Ron Teitelbaum

Thanks,

Thanks in advance!

If you are looking for a simple cypher for something other than a password how about ARC4 from www.squeaksrouce.com/Cryptography

|key cText pText|
key := SecureRandom picker nextBits: 254.
cText := (ARC4 new key: key) encrypt: 'This is a very secure but meaningless string' asByteArray.
pText := (ARC4 new key: key) decrypt: cText.
^pText asString
'This is a very secure but meaningless string'

It’s pretty simple. To get the plainText back all you need is the key.

All the best,

Ron Teitelbaum

From: Pharo-dev [mailto:[hidden email]] On Behalf Of Mariano Martinez Peck
Sent: Monday, February 17, 2014 4:17 PM
To: Pharo Development List; [hidden email]; The general-purpose Squeak developers list
Subject: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

On Thu, Nov 21, 2013 at 3:53 PM, Paul DeBruicker <[hidden email]> wrote:
Mariano Martinez Peck wrote
> Hi Paul, and just to be sure I understand...none of them could work as a
> two-way encryption, right?
> The only one is your Pharo's version of Blowfish but that only works with
> 8
> chars long. Is it like this? Or is there any other two-way encryption?
>
> Thanks!
>
> --
> Mariano
> http://marianopeck.wordpress.com

Yes that's right. The PasswordHashingFFI stuff is all one way encryption.
Blowfish is two way, and the current implementation only works for 8 byte
chunks. I stopped working on it when the Smalltalk bcrypt implementation I
wanted proved to be 5000x times slower than the FFI version. Someone needs
to add the CBC part to Blowfish to encrypt longer strings. I do not know of
another in image two way encryption scheme, but there may be something in
the Cryptography repo. I'm not sure.

Hi Paul,

Sorry for the cross posting.

I was using the Smalltalk version of the Blowfish you did to encrypt and decrypt things. But now I realize it is very very slow for the usage I need. You seem to have faced the same problem.

I am encrypting pieces of 8 characters long. But I wonder if the decryption is available as well in FFI version? I see #ffiCrypt:with: but nothing to decrypt...

Thanks in advance

--
Mariano
http://marianopeck.wordpress.com

--
Mariano
http://marianopeck.wordpress.com

--
Mariano
http://marianopeck.wordpress.com

Colin Putney-3

Re: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

In reply to this post by mkobetic

On Tue, Feb 18, 2014 at 12:35 AM, <[hidden email]> wrote:

With stream ciphers (or block cipher in modes that emulate a stream cipher, e.g. OFB, CTR) you absolutely must not reuse the same key to encrypt different data (http://en.wikipedia.org/wiki/Stream_cipher_attack). You could try to devise a way to avoid re-using the exact same key, e.g. generate the encryption key by mixing in a unique id of the field that you're encrypting along with the password, but unless you really know what you're doing, it's quite easy to make a fatal mistake in your design. Best way to do this is to stick with standard solutions. You're trying to use passwords for encryption, so your standard options would be PKCS#5, bcrypt or scrypt.

Martin had a fantastic presentation a few years ago at StS (or was it ESUG) where he started off showing slides based on a stock yellow-on-blue Powerpoint template. It was about how to use VisualWorks encryption packages; interesting from a technical point of view, but visually pretty dull. Then he starts demonstrating by selecting regions of his slides and encrypting them on the spot. The encrypted areas were just rectangular holes in the slide filled with noise. Then he selected two regions of the slide, encrypted them with the same key, and xored them together. Despite the overlap of the two regions, you could easily make out the content of the slide. It was the best demonstration of a mathematical concept I've ever seen.

Colin

Ron Teitelbaum

Re: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

On Tue, Feb 18, 2014 at 12:35 AM, <[hidden email]> wrote:

With stream ciphers (or block cipher in modes that emulate a stream cipher, e.g. OFB, CTR) you absolutely must not reuse the same key to encrypt different data (http://en.wikipedia.org/wiki/Stream_cipher_attack). You could try to devise a way to avoid re-using the exact same key, e.g. generate the encryption key by mixing in a unique id of the field that you're encrypting along with the password, but unless you really know what you're doing, it's quite easy to make a fatal mistake in your design. Best way to do this is to stick with standard solutions. You're trying to use passwords for encryption, so your standard options would be PKCS#5, bcrypt or scrypt.

Colin

That’s very cool!

Ron