Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Nodejs createCipher vs createCipheriv

I am currently trying to encrypt data at rest with NodeJS, I have read in the Node API docs that createCipher is not recommended.

The implementation of crypto.createCipher() derives keys using the OpenSSL function EVP_BytesToKey with the digest algorithm set to MD5, one iteration, and no salt. The lack of salt allows dictionary attacks as the same password always creates the same key. The low iteration count and non-cryptographically secure hash algorithm allow passwords to be tested very rapidly.

In line with OpenSSL's recommendation to use pbkdf2 instead of EVP_BytesToKey it is recommended that developers derive a key and IV on their own using crypto.pbkdf2() and to use crypto.createCipheriv() to create the Cipher object.

Is createCipher still a viable and secure way to encrypt data at rest? Should this method be considered deprecated? Is it feasible for a well informed attacker to potentially decrypt data?

Should a solution using createCipheriv always be preferred over createCipher?

Any other details or recommendations appreciated.

like image 535
andrsnn Avatar asked May 17 '17 17:05

andrsnn


People also ask

What is createCipheriv?

createCipheriv() method is an inbuilt application programming interface of the crypto module which is used to create a Cipher object, with the stated algorithm, key and initialization vector (iv). Syntax: crypto.createCipheriv( algorithm, key, iv, options )

What is IV in crypto node?

iv – Also known as the initialization vector. This parameter takes input for iv that will make the cipher uncertain and unique. It does not need to be a secret. Its possible value types are: string, buffer, TypedArray, DataView.

Is crypto built in Nodejs?

It includes a set of wrappers for OpenSSL's hash, HMAC, cipher, decipher, sign, and verify functions. crypto is built into Node. js, so it doesn't require rigorous implementation process and configurations. Unlike other modules, you don't need to install Crypto before you use it in your Node.

How do I encrypt and decrypt JSON data in node JS?

const encrypted = key. encrypt(data, 'base64'); res. json({ status: 200, message: "Done", data: encrypted; });


2 Answers

Is createCipher still a viable and secure way to encrypt data at rest?

Although it is of course never recommended to use deprecated API calls, it is possible to create a secure system using createCipher. For this the given "password" must be strong enough to withstand offline, and possibly parallel attacks. For this the given password must have enough entropy (must be random enough) not to be guessed. For instance, you can create ~80 bit or higher passwords using a password manager and use those.

Should a solution using createCipheriv always be preferred over createCipher?

Yes, if just because the author has already warned you and any review of your code will have to reconsider if createCipher is still viable. If the method is ever removed from the CryptoJS (unlikely, but it has been deprecated after all) then your code would not run anymore.

Still, the use of createCipheriv will be less secure than createCipher if you use a password directly as key. You should still use a correct password based key derivation function such as PBKDF2 to derive the output key material - as indicated in the updated documentation.

Any other details or recommendations appreciated.

In most cases you want to use a higher end encryption / decryption method such as the Cryptographic Message Syntax (CMS, specified in PKCS#7), PGP or similar high end protocols / container formats.

If you really need to use a cipher directly you should try and see if authenticated encryption such as offered by GCM is an option.

like image 57
Maarten Bodewes Avatar answered Nov 11 '22 04:11

Maarten Bodewes


The now depreciated createCipher function didn’t allow for a unique iv which is why createCipheriv is preferred.

While deriving a key using any key derivation functionality it doesn’t assist in protecting the cipher text from dictionary attacks that an iv prevents.

like image 26
jas- Avatar answered Nov 11 '22 04:11

jas-