I want to encrypt an AES 128-bit key using a pass phrase. The maximum number of characters in the pass phrase is 16. Is it possible to encrypt the key? Which algorithm is suitable to encrypt the key?

Artjom B.

user3425935
Don't use a password as AES key. Use a password based KDF (basically a slow salted hash) to derive the key from the password. PBKDF2 is a common choice. – CodesInChaos Jan 15 '15 at 14:19
1 Answer
-2
I won't comment on whether this is a good idea or not, as I don't think you've given us enough information to do that.
But the "standard" way of doing this is to hash the passphrase using MD5, SHA1, etc. You could add some secret salt to make it more secure as well.
So encryption becomes:

    salt = "MY SECRET SALT TEXT"
    plaintext = AES_KEY
    key = sha1(passphrase + salt)
    ciphertext = AES(key, plaintext)

Now ciphertext is the encrypted version of the AES key.

mox1
SHA1 or MD5 is not the standard way. PBKDF2 should be used with a huge number of iterations. – Artjom B. Jan 15 '15 at 16:11
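
The approach the two comments recommend (PBKDF2 with many iterations to derive the key, then AES to encrypt the AES-128 key), as an added example that is not part of the original posts. It uses Node.js's built-in `crypto` module; the choice of AES-128-GCM, the blob layout, the iteration count and the function names are assumptions of this example.

```javascript
// Added example: wrap a 16-byte AES key under a passphrase (PBKDF2 -> AES-128-GCM).
const nodeCrypto = require("node:crypto");

const ITERATIONS = 600000;       // assumed work factor; raise as hardware allows
const MAX_ITERATIONS = 10000000; // refuse absurd stored values (CPU exhaustion)
const SALT_LEN = 16, IV_LEN = 12, TAG_LEN = 16, KEY_LEN = 16;

// Slow, salted derivation of the key-encryption key (KEK) from the passphrase.
function deriveKek(passphrase, salt, iterations) {
  return nodeCrypto.pbkdf2Sync(Buffer.from(passphrase, "utf8"), salt, iterations, KEY_LEN, "sha256");
}

// Blob layout (constructed for this example):
// iterations(4) || salt(16) || iv(12) || tag(16) || ciphertext(16)
function wrapKey(passphrase, aesKey, iterations = ITERATIONS) {
  if (aesKey.length !== KEY_LEN) throw new Error("expected a 16-byte AES-128 key");
  const header = Buffer.alloc(4);
  header.writeUInt32BE(iterations);
  const salt = nodeCrypto.randomBytes(SALT_LEN); // random per wrap, stored in the clear
  const iv = nodeCrypto.randomBytes(IV_LEN);
  const cipher = nodeCrypto.createCipheriv("aes-128-gcm", deriveKek(passphrase, salt, iterations), iv);
  cipher.setAAD(Buffer.concat([header, salt])); // authenticate the KDF parameters too
  const ct = Buffer.concat([cipher.update(aesKey), cipher.final()]);
  return Buffer.concat([header, salt, iv, cipher.getAuthTag(), ct]);
}

// Throws when the passphrase is wrong or any byte of the blob was changed.
function unwrapKey(passphrase, blob) {
  if (blob.length !== 4 + SALT_LEN + IV_LEN + TAG_LEN + KEY_LEN) throw new Error("malformed blob");
  let off = 0;
  const take = (n) => blob.subarray(off, (off += n));
  const header = take(4), salt = take(SALT_LEN), iv = take(IV_LEN);
  const tag = take(TAG_LEN), ct = take(KEY_LEN);
  const iterations = header.readUInt32BE();
  if (iterations < 1 || iterations > MAX_ITERATIONS) throw new Error("bad iteration count");
  const decipher = nodeCrypto.createDecipheriv("aes-128-gcm", deriveKek(passphrase, salt, iterations), iv);
  decipher.setAAD(Buffer.concat([header, salt]));
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ct), decipher.final()]);
}
```

Because the salt is random and stored next to the ciphertext, it does not need to be secret; with a passphrase of at most 16 characters, the iteration count is what slows down guessing.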