1

I'm hazy on the initial setup of AES, but I understand how the algorithm itself works once we start rounds 2-14 (subBytes, shiftRows, mixColumns, addRounKey), depending on the size of the key.

What I don't follow is the initial password and setup. Do we pick a password of any length, or we create our own 128, 192, or 256 bit password, that is then used throughout the application?

for instance, in this example of using AES with cryptojs:

var myString   = "attack at dawn";
var myPassword = "superSecretPassword";
var encrypted = CryptoJS.AES.encrypt(myString, myPassword);

is the myPassword variable run through a hash to create a 128, 192, or 256 bit key? For best security, should we make myPassword 256 bits already?

VDog
  • 1,083
  • 2
  • 13
  • 35

1 Answers1

2

Your confusion is 100% due to a bad API in crypto-js.

In the real world, encryption is done with keys, not passwords. If one has only a password, then they should convert it to a key using a Password Based Key Derivation Function, such as pbkdf2, scrypt, bcrypt, or argon2.

In crypto-js, encryption can be done with either keys or passwords (two different API calls). The password base encryption in crypto-is is non-standard, and uses an insecure Password Based Key Derivation Function.

Upshot: do not use the crypto-js password based encryption API. Instead, use the API that takes a key and IV, where the key is either 128-bit, 192-bit, or 256-bit.

References:

TheGreatContini
  • 6,429
  • 2
  • 27
  • 37
  • Thank you for the post! I have found this function that generates a 256 bit key, an iv and a salt. `openssl enc -aes-256-cbc -k secret -P -md sha1`. Would you be able to explain a little bit if possible how the IV works? I'm new to security and cryptography and want to make sure I do this right. I also wasn't able to see on Crypto-JS api on how to force a 256-bit encryption, or how to specify key + iv, but will start searching now. – VDog Sep 28 '17 at 16:57