From: George Orwell on 13 Jan 2010 17:33

Hello,

I'm planning to use the Botan encryption library to make a secure chat client, but I would like some advice on what's needed to make it secure.

For example, I'm planning to use RSA-1024 for key exchange and AES-256 for the actual session data encryption, but do I need to pad, sign or format the public key in a specific manner to publicize it?

Do I need to pad, sign or format the encrypted symmetric (encrypted using the public key RSA) key before sending it to the receiver?

Do I need to pad, sign or format the symmetrically encrypted data before sending it to the receiver?

Is there a good Internet tutorial or book which describes these steps?

Thank you for your response.

The sender address of this message is not related to a real person but to a fake address of an anonymous system. For more info: https://www.mixmaster.it

From: Dave -Turner on 14 Jan 2010 05:02

Applied Cryptography by Bruce Schneier

From: Ilmari Karonen on 14 Jan 2010 05:36

On 2010-01-13, George Orwell <nobody(a)mixmaster.it> wrote:

> I'm planning to use the Botan encryption library to make a secure chat
> client, but I would like some advice on what's needed to make it secure.

That really depends on what you're doing (is it a one-to-one or a multiparty chat, etc.) and on which security properties you want (e.g. is it a bug or a feature if your conversation partner can later prove to others that you said what you did), but the phrase "secure chat client" does suggest to me that you might want to look into the OTR messaging system.

> For example, I'm planning to use RSA-1024 for key exchange and AES-256
> for the actual session data encryption, but do I need to pad, sign or
> format the public key in a specific manner to publicize it?

You need to store it in _some_ format, and it's always convenient to use a standard one. The Botan library should take care of that for you, though.

> Do I need to pad, sign or format the encrypted symmetric (encrypted
> using the public key RSA) key before sending it to the receiver?

Generally, yes, you need to pad your data in a specific way (use OAEP, if you have a choice) before encrypting it with RSA, but again, your crypto library should handle that for you. (There's a method called RSA-KEM that does away with the need for padding in your specific task, at the cost of not being able to choose the symmetric key in advance.)

> Do I need to pad, sign or format the symmetrically encrypted data
> before sending it to the receiver?

If you want to prevent attackers from modifying the data (generally, you do), you should apply a MAC after encryption or use an encryption mode with built-in authentication. Other than that, symmetric crypto generally requires no padding or other modification of the input (except for handling data that is not an exact multiple of encryption blocks in length, but your crypto library should handle that for you).

For more information on your first two questions above, you might want to start at, say, <http://en.wikipedia.org/wiki/PKCS>. Information on KEM can be found at <http://en.wikipedia.org/wiki/Key_encapsulation>. And while you're on Wikipedia anyway, why not also take a quick look at <http://en.wikipedia.org/wiki/Off-the-Record_Messaging>?

Finally, a disclaimer: I'm not a real expert here, and what I've given you is just basic general advice I've picked up over time here. If any of the folks here who do this stuff for a living disagree with anything I've written above, they're probably right and I'm wrong.

--
Ilmari Karonen
To reply by e-mail, please replace ".invalid" with ".net" in address.
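
An added example, not part of the thread and not Botan code: the "MAC after encryption" framing from the reply above, sketched with the Python standard library. The function names and the nonce || ciphertext || tag layout are assumptions, and keystream_xor is a labelled stand-in for AES-256-CTR because the standard library has no AES.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16
TAG_LEN = 32  # HMAC-SHA256 output size

def derive_keys(session_key: bytes):
    """Derive separate encryption and MAC keys from one session key."""
    enc_key = hmac.new(session_key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(session_key, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key

def keystream_xor(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for AES-256-CTR (assumption, see lead-in): XOR the data
    with HMAC-SHA256(enc_key, nonce || block counter) output blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        counter = (i // 32).to_bytes(8, "big")
        block = hmac.new(enc_key, nonce + counter, hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def seal(session_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt first, then MAC the nonce and ciphertext together."""
    enc_key, mac_key = derive_keys(session_key)
    nonce = os.urandom(NONCE_LEN)  # fresh per message
    ct = keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_sealed(session_key: bytes, message: bytes) -> bytes:
    """Check the tag in constant time; decrypt only if it matches."""
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    enc_key, mac_key = derive_keys(session_key)
    nonce = message[:NONCE_LEN]
    ct = message[NONCE_LEN:-TAG_LEN]
    tag = message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return keystream_xor(enc_key, nonce, ct)

def is_rejected(session_key: bytes, message: bytes) -> bool:
    """True if the receiver refuses the message."""
    try:
        open_sealed(session_key, message)
    except ValueError:
        return True
    return False
```

In a real client the cipher and MAC would come from the crypto library, or be replaced by one of its authenticated encryption modes, as the reply suggests.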