0

Sorry if this is a duplicate but I could not find anything that was not in some way related to DB encryption. My problem is not with a DB. I have a set of files encrypted using RijndaelManaged. In the encrypting code I am using Rfc2898DeriveBytes to generate the key given a password and a salt and a certain number of iterations. The salt, as it happens, is not stored securely (just a string).

I was wondering: people with access to my code could easily get the salt (disassembling the dll for example) and of course the number of iterations.

What is the security risk of this, given for granted that the password in itself is not so easily retrievable (yes let's give it for granted now)?

I am assuming that without the password decrypting would be impossible, or at least it would require some time to brute force... or is it some analysis of the decrypted files possible?

An obvious concern is that stolen code is less easily detectable than a stolen DB...

Tallmaris
  • 7,605
  • 3
  • 28
  • 58
  • 1
    It completely depends how much entropy the password has. "The salt ... need not be kept secret" -- RFC 2898. – David Schwartz May 28 '13 at 22:37
  • 1
    The salt should be different for each file. – mikey May 28 '13 at 22:39
  • Thanks for the comments, they pointed me in the right direction (rewriting some code in the end). I think the question is better suited into the security stackexchange site... can anyone migrate it? – Tallmaris May 29 '13 at 10:51

1 Answers1

0

In short, the salt is fine to be stored in clear text. However, you should store a unique salt for each password in your file(s)(see this). That way no one could create a Rainbow table for all of the passwords stored in the file(s)(note that they could still create a rainbow table for one password in the file).

For more context on the whole hashing/password storing process see:

Hashing

Community
  • 1
  • 1
AtinSkrita
  • 1,373
  • 12
  • 13
  • This would apply if I was storing passwords in a DB (or file). I am encrypting files on the hard drive and I am using the same password+salt to derive the key with which to encrypt each file. I am asking if knowing the salt is a potential security risk. – Tallmaris May 29 '13 at 08:09
  • No. Using a salt(which should be stored unencrypted) will not open any (new) security holes. Using one salt for all of the files is better than using no salt at all. However using a unique salt for each file is better than the previous. – AtinSkrita May 29 '13 at 19:10