 

Does storing the salt along with the encrypted file break security?

I am writing an Android application which aims to encrypt and decrypt files using AES-256. I am using AES-CBC mode and PBKDF2 for deriving the AES key from a user-entered password. Also, I am generating a secure, pseudo-random salt for every file's encryption key. I am storing the IV and salt with the encrypted file, so I can reread them and regenerate the key later to be able to decrypt the file.

My question: Does storing the salt along with the encrypted file break security and any meaning of the salt itself? Can't an attacker who knows the salt and the IV make an offline brute-force attack against the encrypted file to find out the encryption key?

asked Jun 09 '12 13:06 by Alex Amiryan




1 Answer

The main purpose of the salt is not to be secret, but to make sure an attacker can't use shortcuts when trying to brute-force the password, like using rainbow tables (i.e. one existing table, or a new one to be used for multiple encrypted files), or brute-forcing multiple collected files (which should have different salts) at once.

As long as your password has enough entropy and the number of iterations in your key derivation function is high enough, storing the salt with the ciphertext is no problem. The salt alone will not allow anyone to decrypt the file.

Also, if you want to keep the salt secret (it is then usually called "pepper" instead of salt), you'll have to think of some mechanism to get the right salt to the one legitimately doing the decryption.

answered Oct 19 '22 13:10 by Paŭlo Ebermann
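The scheme the question and answer discuss, written out as an added example (it is not code from the question, the answer or the asker's Android application): a fresh random salt and IV are stored in the clear in front of the AES-256-CBC ciphertext, and the key is re-derived from the password with PBKDF2 on every decryption. The original mentions only AES-256-CBC and PBKDF2; the 16-byte salt, HMAC-SHA256 as the PBKDF2 PRF, PKCS#7 padding, the `salt || IV || ciphertext` layout, the iteration count and the sample password and plaintext are all assumptions made here. PBKDF2 is spelled out from RFC 8018 so the example needs nothing outside Go's standard library.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
)

const (
	saltLen  = 16            // 128-bit salt, generated fresh for every file (assumed size)
	blockLen = aes.BlockSize // 16 bytes: AES block size, also the IV size for CBC
	keyLen   = 32            // AES-256
)

// pbkdf2HMACSHA256 is PBKDF2 (RFC 8018, section 5.2) with HMAC-SHA256 as the PRF.
// The salt is a public input; the password is the only secret.
func pbkdf2HMACSHA256(password, salt []byte, iterations, dkLen int) []byte {
	if iterations < 1 {
		panic("pbkdf2: iterations must be >= 1")
	}
	prf := hmac.New(sha256.New, password)
	hLen := prf.Size()
	nBlocks := (dkLen + hLen - 1) / hLen
	dk := make([]byte, 0, nBlocks*hLen)
	var ctr [4]byte
	for i := 1; i <= nBlocks; i++ {
		// U_1 = PRF(password, salt || INT_32_BE(i))
		binary.BigEndian.PutUint32(ctr[:], uint32(i))
		prf.Reset()
		prf.Write(salt)
		prf.Write(ctr[:])
		u := prf.Sum(nil)
		t := append([]byte(nil), u...)
		// U_j = PRF(password, U_{j-1});  T_i = U_1 xor U_2 xor ... xor U_c
		for j := 1; j < iterations; j++ {
			prf.Reset()
			prf.Write(u)
			u = prf.Sum(nil)
			for k := range t {
				t[k] ^= u[k]
			}
		}
		dk = append(dk, t...)
	}
	return dk[:dkLen]
}

// pkcs7Pad always appends 1..blockLen bytes, so the padded length is a block multiple.
func pkcs7Pad(p []byte) []byte {
	n := blockLen - len(p)%blockLen
	return append(append([]byte(nil), p...), bytes.Repeat([]byte{byte(n)}, n)...)
}

// pkcs7Unpad rejects malformed padding; it is the only "wrong password" signal CBC gives.
func pkcs7Unpad(p []byte) ([]byte, error) {
	if len(p) == 0 || len(p)%blockLen != 0 {
		return nil, errors.New("data length is not a multiple of the block size")
	}
	n := int(p[len(p)-1])
	if n == 0 || n > blockLen {
		return nil, errors.New("invalid padding")
	}
	for _, b := range p[len(p)-n:] {
		if int(b) != n {
			return nil, errors.New("invalid padding")
		}
	}
	return p[:len(p)-n], nil
}

// Encrypt writes the assumed file layout: salt || IV || AES-256-CBC ciphertext.
// Salt and IV travel in the clear; both are random per file.
func Encrypt(password, plaintext []byte, iterations int) ([]byte, error) {
	hdr := make([]byte, saltLen+blockLen)
	if _, err := io.ReadFull(rand.Reader, hdr); err != nil {
		return nil, err
	}
	salt, iv := hdr[:saltLen], hdr[saltLen:]
	block, err := aes.NewCipher(pbkdf2HMACSHA256(password, salt, iterations, keyLen))
	if err != nil {
		return nil, err
	}
	padded := pkcs7Pad(plaintext)
	ct := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, padded)
	return append(hdr, ct...), nil
}

// Decrypt reads the public salt and IV back out of the blob and re-derives the key.
func Decrypt(password, blob []byte, iterations int) ([]byte, error) {
	if len(blob) < saltLen+2*blockLen || (len(blob)-saltLen)%blockLen != 0 {
		return nil, errors.New("blob too short or not block-aligned")
	}
	salt, iv, ct := blob[:saltLen], blob[saltLen:saltLen+blockLen], blob[saltLen+blockLen:]
	block, err := aes.NewCipher(pbkdf2HMACSHA256(password, salt, iterations, keyLen))
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	return pkcs7Unpad(pt) // a wrong password is usually, not always, caught here
}

func main() {
	password := []byte("correct horse battery staple") // constructed sample password
	msg := []byte("constructed sample plaintext")       // constructed sample file content
	const iterations = 100_000                          // assumed work factor
	blob, err := Encrypt(password, msg, iterations)
	if err != nil {
		panic(err)
	}
	fmt.Printf("public salt: %s\npublic IV:   %s\n",
		hex.EncodeToString(blob[:saltLen]), hex.EncodeToString(blob[saltLen:saltLen+blockLen]))
	pt, err := Decrypt(password, blob, iterations)
	fmt.Printf("decrypted: %q (err=%v)\n", pt, err)
}
```

With the salt and IV public, an attacker holding the file can indeed run an offline dictionary attack, exactly as the question fears; what the salt buys is that every candidate password costs a full PBKDF2 run against this file's salt, and that work cannot be shared with a second file or with a precomputed table. That is why the answer ties the security of this construction to password entropy and the iteration count rather than to keeping the salt hidden. One caveat the thread does not raise: CBC alone provides no integrity, so a wrong password is rejected only when the PKCS#7 check happens to fail, and a modified ciphertext decrypts without complaint; a design intended for real use would add a MAC over salt, IV and ciphertext or use an AEAD mode.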