安全使用AES与盐渍密码作为关键 [英] Security using AES with salted password as key
问题描述
我明白了密码的散列哈希如何工作,但我假设我还需要存储salt,username,KEY和encryptedpassword。我总觉得我只需要了解我将如何实现这一点,例如如何存储它,然后如何重新生成密码。另外,如果有人可以解释为什么使用这个盐渍值更好,一个人不能用每个词前面的盐进行字典攻击?
I understand how a salted hash of a password works, but I am assuming I would also need to store the salt, username, KEY, and encryptedpassword. I think overall I just need to understand how I would implement this for instance how to store it and then how to regenerate the password. Also if someone could explain why using this salted value is better, couldn't a person do a dictionary attack with the salt in front of each word?
谢谢, p>
Thanks,
推荐答案
目前还不清楚您要做什么:验证提供的密码是否正确(与系统登录一样);或实现密码从密码导出的数据加密。
It is unclear what you are trying to do: verify a supplied password is correct (as with a system login); or implement encryption of data where the key is derived from a password.
如果是后者(这被称为基于密码的加密 ),那么您应该使用密钥导出函数,例如 PBKDF2 。密钥导出函数使用盐和提供的用户密码,并生成可以与AES一样的密码使用的密钥。
If it is the latter (which is known as password-based encryption), then you should use a key derivation function, such as PBKDF2. A key derivation function takes a salt and a supplied user password, and produces a key that can be used with a cipher like AES.
要加密,您将提示输入密码,生成随机盐,并使用KDF导出密钥。然后,您将使用AES以适当的分组密码模式来加密数据,并仅存储盐和加密数据(以及密码模式需要的任何IV)。
To encrypt, you would prompt for a password, generate a random salt, and derive a key using the KDF. You would then use that key with AES in a suitable block cipher mode to encrypt the data, and store only the salt and the encrypted data (and whatever IV the cipher mode requires).
要解密,您将提示输入密码,从文件中加载盐并重新导出密钥。然后,您将使用该密钥来解密文件。
To decrypt, you would prompt for a password, load the salt from the file, and re-derive the key. You would then use that key to decrypt the file.
盐的目的是防止预先计算优化被应用于字典攻击。一旦盐被知道,确实有可能执行暴力词典攻击,但是KDF被设计得足够缓慢,使得这个不可行而无需预先计算。
The purpose of the salt is to prevent precomputation optimisations from being applied to a dictionary attack. It is indeed possible to perform a bruteforce dictionary attack once the salt is known, but the KDF is designed to be slow enough to make this infeasible without precomputation.
这篇关于安全使用AES与盐渍密码作为关键的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
