Is this going to be as secure as I hope?
S. Dale Morrey
sdalemorrey at gmail.com
Fri Feb 14 14:52:27 MST 2014
The reason for SHA256 has more to do with availability of consistent
implementations across platforms.
I'm not at all opposed to using PBKDF2.
The question was more along the lines of "is the let's piece it together"
portion of the key assembly stage secure enough?
On Fri, Feb 14, 2014 at 2:42 PM, Lonnie Olson <lists at kittypee.com> wrote:
> On Fri, Feb 14, 2014 at 1:30 PM, S. Dale Morrey <sdalemorrey at gmail.com>
> > To do this I've devised an algorithm to derive the private key on the
> > client.
> When working with crypto, it's usually a bad idea to devise your own
> algorithms. There are likely smarter people that have already solved,
> tested, and verified the problem you are having.
> That said, your search for entropy is a good one, but your usage of
> SHA256 to derive a key from some set of entropy is inadequate. There
> is a whole section of cryptography dedicated to achieving this goal.
> There are several key derivation functions
> (http://en.wikipedia.org/wiki/Key_derivation_function) available which
> are much stronger than simple SHA256. Perhaps look at the most
> popular PBKDF2 (http://en.wikipedia.org/wiki/PBKDF2), since you are
> very likely to find an easy implementation already written for
> whatever platform you are writing for.
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
More information about the PLUG