Tip: Encrypting stuff

  1. 3 months ago

    Kem T

    Sep 24 Pre-Release Testers, Xojo Pro, XDC Speakers New York

    Let's say you want to encrypt something securely. What's the best way? Here are some ideas:

    First, use AES 256, available through MBS plugins or my free M_Crypto module . There are other choices like Blowfish or AES 128, but don't mess around. There is no great speed penalty for using the stronger AES 256.

    Make sure you pick a secure password. This does not necessarily mean mixed letters, numbers, and symbols as a strong password could just be really, really long. Also make sure it's not too similar to one on the 10,000 Most Used Passwords list (available by searching the Internet).

    Use CBC mode which requires setting an initial vector. If you attended my XDC2018 session, or have access to that video, I explained and demonstrated that, but the short version is, an initial vector is a random set of bytes equal in length to one block of data. In the case of AES, that's 16 bytes. If you were to create an initial vector yourself, you should use Crypto.GetRandomBytes, but I have another suggestion.

    The "password" is not the same as the (encryption) "key". The former is what we humans create and remember, while the latter is the a set of bytes of fixed length (32 bytes for AES 256) that is used to encrypt data. While AES will stretch the password into the required key length for you, I recommend you do it yourself like this:

    Take the password and a random salt (minimum of 8 bytes through Crypto.GetRandomBytes) and run it through Crypto.PBKDF2 or Scrypt in my M_Crypto package. Use settings that take about 250 ms to run and generate 48 bytes. (Make sure you test the speed in a compiled app, not through the IDE.) Use the first 32 bytes of the result as the key and the last 16 bytes as the initial vector. After encryption, store the salt only.

    Why do all this? While the initial vector is not expected or required to be a secret, it doesn't hurt to make it one. By storing the salt and using the password hashing algorithm with a strong password, you will require someone attempting a brute-force hack to devote a lot of resources to figure out both, making the effort impractical if not impossible.

    If you are encrypting data in a database, this advice isn't for you. Instead, take a look at that XDC video for ideas.

or Sign Up to reply!