
Is this kind of encryption "safe"?

I must first say I have never studied cryptography, and everything I know on this topic is just basic notions.

We were looking at a fast and easy way to encrypt some data (to be stored into a database) using a password. I know the "safest" algorithm is AES, but it's probably too complicated for us and I know it requires us to obtain authorizations from the US government, etc.

We thought about this (simple) algorithm, which reminds me (but I may be wrong) of a sort of "one-time pad". (It's not written in any specific language... it's just the idea :) )

// The string we need to encrypt
string data = "hello world";

// Long string of random bytes that will be generated the first time we need to encrypt something
string randomData = "aajdfskjefafdsgsdewrbhf";

// The passphrase the user selected
string passphrase = "foo";

// Let's generate the encryption key, using randomData XOR passphrase (repeating this one)
string theKey = "";
j = 0;
for(i = 0; i < randomData.length; i++)
{
    theKey += randomData[i] ^ passphrase[j];
    j++;
    if(j == passphrase.length) j = 0;
}

// Encrypt the data, using data XOR theKey (with theKey.length >= data.length)
string encryptedData = "";
for(i = 0; i < data.length; i++)
{
    encryptedData += data[i] ^ theKey[i];
}

On disk, we will then store only randomData and encryptedData. The passphrase will be requested from the user every time.

How safe will an algorithm like this be? Apart from brute force, are there other ways this could be cracked? I don't think statistical analysis will work on this, will it? Is it "as safe as" a one-time pad?

Thank you!


You can just import an AES library and let it do all the heavy work. Authorizations from the US government? It is a public function, and the US government also uses it.


No, this is not secure.

If the random data is stored alongside the encrypted data, then it is simply equivalent to XORing with the passphrase: this is because the attacker can simply XOR the encrypted data with the random data, and obtain plaintext XOR passphrase as the result.
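
Added example (not part of the original question or answers): a Python rendering of the question's scheme that checks the equivalence stated above, using only the two values the scheme stores on disk. The function names and the 32-byte random pad are assumptions made for the illustration; the plaintext and passphrase are the question's own sample values.

```python
import os
from itertools import cycle


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR a with b, repeating b as needed (b must be non-empty)."""
    return bytes(x ^ y for x, y in zip(a, cycle(b)))


def encrypt(data: bytes, passphrase: bytes, random_data: bytes) -> bytes:
    """The scheme from the question: key = randomData XOR repeated passphrase."""
    if len(random_data) < len(data):
        raise ValueError("randomData must be at least as long as data")
    the_key = xor_bytes(random_data, passphrase)
    return bytes(d ^ k for d, k in zip(data, the_key))


def strip_stored_pad(encrypted: bytes, random_data: bytes) -> bytes:
    """Uses only what is on disk; the result is data XOR repeated passphrase."""
    return bytes(c ^ r for c, r in zip(encrypted, random_data))


def passphrase_bytes_under(encrypted: bytes, random_data: bytes,
                           known_prefix: bytes) -> bytes:
    """Any predictable plaintext (a header, a field name) exposes the
    passphrase bytes that covered it."""
    residue = strip_stored_pad(encrypted, random_data)
    return bytes(r ^ p for r, p in zip(residue, known_prefix))


def demo() -> bytes:
    data = b"hello world"          # sample value from the question
    passphrase = b"foo"            # sample value from the question
    random_data = os.urandom(32)   # constructed; stored on disk by the scheme
    encrypted = encrypt(data, passphrase, random_data)
    # The stored random data cancels out: what remains is plain
    # repeating-key XOR with the passphrase, exactly as the answer says.
    assert strip_stored_pad(encrypted, random_data) == xor_bytes(data, passphrase)
    return passphrase_bytes_under(encrypted, random_data, b"hello ")


if __name__ == "__main__":
    print(demo())
```

The result does not depend on which random bytes were drawn, which is the point: storing randomData next to encryptedData removes it from the security of the scheme.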


This is extremely weak. Statistical analysis would crack it in the blink of an eye. Some diligent pen-and-paper guesswork would probably crack it pretty quickly too.

The only exception would be if (1) randomData was taken from a truly crypto-strength source, (2) randomData was at least as long as your plaintext data, (3) randomData was never, ever re-used for a different message, and (4) you got rid of passphrase altogether and treated randomData as your key. In that case you'd have what amounts to a one-time pad.


No, it isn't safe. Using XOR with random data and a password this way is completely wrong. One-time pad cryptography needs the random data to be the same length as the data to be encrypted.
