6

I am new to encryption. I have used encryption techniques of all types, but the client is particularly asking about the PBKDF2 encryption technique. Any help?

rmaddy
user3149246
  • 1
    It's "encryption", not "enscryption" :) Besides, dealing with cryptography without a solid knowledge of it can lead to massive failures. You should ask an external consultant or a colleague to help you. – Stefano Sanfilippo Jan 12 '14 at 12:00
  • Also, please narrow down the scope. Where do you need `PBKDF2`? – Stefano Sanfilippo Jan 12 '14 at 12:01
  • I want to encrypt the string using kCCPBKDF2 – user3149246 Jan 12 '14 at 12:03
  • Google is your friend: this article has everything you need inside http://robnapier.net/aes-commoncrypto . Just use AES256 instead of AES128 if possible. – Stefano Sanfilippo Jan 12 '14 at 12:04
  • 2
    Tell the client that they need to hire a cryptographic security domain expert. – zaph Jan 12 '14 at 12:10
  • 1
    @Stefano Personally I do not see the need for AES256 over AES128 from a security perspective. But, I did some timings and on some platforms AES256 was faster than AES128! So AES256 is indeed a good choice. – zaph Jan 12 '14 at 12:26
  • @Zaph AES-256 should normally never be faster than AES-128. It has a more complex key schedule as well as more rounds. Are you sure you are not confusing AES and SHA? SHA-512 *can* be faster than SHA-256 as it uses 64 bit calculations instead of 32 bit calculations. – Maarten Bodewes Jan 12 '14 at 22:29
  • 1
    I understand that but time it. There are other things at work such as the hardware AES helper instructions, they may be biased toward 256. Here are some times on my Mac: AES128 Iterations: 100000: 865.949 ms, AES256 Iterations: 100000: 854.222 ms. 256 is not always faster. Code snippet: `CCCrypt( encryptOrDecrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, symmetricKey.bytes, kCCKeySizeAES256` – zaph Jan 12 '14 at 22:40
  • @owlstead my timings are left over from a different question. Each iteration has a new key and thus a schedule setup. Then I am encrypting one block. This was done specifically to look at schedule setup times for short messages. For encrypting longer messages the timings will of course be different. Nonetheless, for certain usages and configurations 256 is as fast as 128. I was surprised. – zaph Jan 12 '14 at 22:51
  • Not to overly shill my own code, but if you're not certain how to correctly write encryption software, take a look at RNCryptor. It wraps all of the pieces you need into a single package, and is available for several platforms (including iOS). Building correct AES encryption out of the Common Crypto primitives is not trivial, and it's very easy to make security mistakes. Most of the iOS sample code you will find around the internet is unfortunately incorrect. https://github.com/RNCryptor – Rob Napier Jan 14 '14 at 17:12

1 Answer

6

PBKDF2 is a method to create a secure encryption key from a password. PBKDF2 stands for "Password-Based Key Derivation Function 2".
You will also need to provide the number of rounds, see PBKDF2 Calibration.

AES is an encryption method. AES stands for "Advanced Encryption Standard".
Other things you will need to handle:

  • Encryption mode
  • IV (Initialization Vector)
  • Padding
  • Key size

Both PBKDF2 and AES are supported by iOS CommonCrypto.

What you need to do is a two step process:

  1. Use PBKDF2 to create an encryption key from a password string.
  2. Then encrypt the data using the encryption key.

Finally you will need to secure the encryption key.

zaph
  • 5
    You must not "secure" the encryption key: you must **delete** it! You need to keep the salt and number of PBKDF2 rounds with the encrypted message (these are not secrets). Then the key can be generated again for decryption by running PBKDF2 once again with the password as input. – Erwan Legrand Mar 10 '14 at 11:20
  • Yes that is true and there are cases where the key needs to be used more than once, I have done full disk encryption where encryption is sector-by-sector. The user is asked to log in once for the duration of a session. For the duration of the session the key is used. – zaph Mar 12 '14 at 22:13
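
The two-step process from the answer, combined with the comment's point that the salt and round count are stored with the message so the key can be re-derived, shown as an added Objective-C example using CommonCrypto (not code from the answer, its commenters, or RNCryptor). The function names, the blob layout, and the salt length and round constants are assumptions made for this example.

```objective-c
#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonCrypto.h>
#import <Security/Security.h>

// Constructed parameters for this example; calibrate the round count for your devices.
static const uint32_t kRounds = 100000, kMaxRounds = 10000000;
enum { kSaltLen = 16, kIVLen = kCCBlockSizeAES128, kHeaderLen = 4 + kSaltLen + kIVLen };

// Step 1: PBKDF2-HMAC-SHA256 turns the password into a 256-bit AES key.
static NSMutableData *DeriveKey(NSString *password, const uint8_t *salt, uint32_t rounds) {
    NSData *pw = [password dataUsingEncoding:NSUTF8StringEncoding];
    NSMutableData *key = [NSMutableData dataWithLength:kCCKeySizeAES256];
    int rc = CCKeyDerivationPBKDF(kCCPBKDF2, pw.bytes, pw.length, salt, kSaltLen,
                                  kCCPRFHmacAlgSHA256, rounds, key.mutableBytes, key.length);
    return rc == kCCSuccess ? key : nil;
}

// Shared AES-256-CBC/PKCS7 call; wipes the derived key afterwards (it can be re-derived).
static BOOL Crypt(CCOperation op, NSMutableData *key, const uint8_t *iv,
                  const void *src, size_t srcLen, NSMutableData *dst, size_t dstOffset) {
    size_t moved = 0;
    CCCryptorStatus st = CCCrypt(op, kCCAlgorithmAES, kCCOptionPKCS7Padding, key.bytes, key.length,
                                 iv, src, srcLen, (uint8_t *)dst.mutableBytes + dstOffset,
                                 dst.length - dstOffset, &moved);
    [key resetBytesInRange:NSMakeRange(0, key.length)];
    if (st == kCCSuccess) dst.length = dstOffset + moved;
    return st == kCCSuccess;
}

// Step 2: encrypt. Output layout: rounds (4 bytes, big-endian) | salt | IV | ciphertext.
NSData *EncryptWithPassword(NSData *plain, NSString *password) {
    NSMutableData *blob = [NSMutableData dataWithLength:kHeaderLen + plain.length + kIVLen];
    uint8_t *p = blob.mutableBytes;
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(kRounds >> (24 - 8 * i));
    if (SecRandomCopyBytes(kSecRandomDefault, kSaltLen + kIVLen, p + 4) != errSecSuccess) return nil;
    NSMutableData *key = DeriveKey(password, p + 4, kRounds);
    return key && Crypt(kCCEncrypt, key, p + 4 + kSaltLen, plain.bytes, plain.length, blob, kHeaderLen) ? blob : nil;
}

// Decrypt: re-run PBKDF2 with the stored (non-secret) salt and round count.
NSData *DecryptWithPassword(NSData *blob, NSString *password) {
    if (blob.length < kHeaderLen + kIVLen) return nil;
    const uint8_t *p = blob.bytes;
    uint32_t rounds = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
    if (rounds == 0 || rounds > kMaxRounds) return nil;   // header is untrusted input
    NSMutableData *key = DeriveKey(password, p + 4, rounds);
    NSMutableData *plain = [NSMutableData dataWithLength:blob.length - kHeaderLen];
    return key && Crypt(kCCDecrypt, key, p + 4 + kSaltLen, p + kHeaderLen, blob.length - kHeaderLen, plain, 0) ? plain : nil;
}
```

CBC on its own gives no integrity protection, so a complete format also authenticates the header and ciphertext (for example with an HMAC under a second derived key) and checks that before decrypting.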