I'm currently trying to build a (sort of) secure, desktop-based RTF text editor written for node-webkit using node.js. Based on some answers that I read here, such as How can I securely convert a "string" password to a key used in AES? and Recommended # of iterations when using PKBDF2-SHA256?, amongst others, I've come up with the following system. However, I'm rather unsure about the manner in which I've combined these algorithms, and I was hoping someone could check the system.
On first-time application initialization:
- Generate 1024 cryptographically secure pseudorandom bytes (k)
- Generate 256 more ^ as a salt (s)
- Ask for user password (p)
- Stretch p using PBKDF-2 using s as salt, 64K rounds (n = number of rounds) to a length of 512 bytes (length = l) (P) (takes a little over a second on my system)
- Encrypt k using AES-CBC with P as key (K)
- Store s||n||l||K on disk
For encrypting and then saving a new file:
- Ask for user password (p)
- Read s||n||l||K from disk
- As in step 3 above, stretch p to P using s, n and l from step 2
- Decrypt K using P
- Use k to encrypt file data using AES CBC; save to disk
Possible concerns (keeping in mind that this is supposed to be usable on a modern laptop/desktop) include:
- magic numbers (64K, 512, 1024)
- no IV (not sure if it's necessary)
- something about some combination of algorithms
- some other stupid mistake
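
The flow described in the question, sketched with Node's built-in `crypto` module as an added example (it is not code from the original post). Assumptions: keys are 32 bytes because AES-256 accepts no other length, the salt is 16 bytes, every CBC encryption gets a fresh random 16-byte IV stored with the ciphertext, and an HMAC-SHA256 tag over the wrapped key lets a wrong password be detected; the function names are hypothetical.

```javascript
const crypto = require('crypto');

const N = 65536;      // PBKDF2 rounds: the "64K" from the post
const SALT_LEN = 16;  // assumed here; the post uses 256 bytes
const KEY_LEN = 32;   // assumed: AES-256 takes exactly 32 key bytes

// Stretch password p into an AES key plus a separate HMAC key.
function stretch(p, s, n) {
  const out = crypto.pbkdf2Sync(p, s, n, 2 * KEY_LEN, 'sha256');
  return { enc: out.subarray(0, KEY_LEN), mac: out.subarray(KEY_LEN) };
}

// First run: create master key k and the record to store on disk.
function wrapMasterKey(p) {
  const k = crypto.randomBytes(KEY_LEN);
  const s = crypto.randomBytes(SALT_LEN);
  const iv = crypto.randomBytes(16); // not secret, but unique per encryption
  const P = stretch(p, s, N);
  const c = crypto.createCipheriv('aes-256-cbc', P.enc, iv);
  const K = Buffer.concat([c.update(k), c.final()]);
  const tag = crypto.createHmac('sha256', P.mac).update(iv).update(K).digest();
  return { k, record: { s, n: N, iv, K, tag } };
}

// Later runs: recover k, or null if the password or record is wrong.
function unwrapMasterKey(p, { s, n, iv, K, tag }) {
  const P = stretch(p, s, n);
  const want = crypto.createHmac('sha256', P.mac).update(iv).update(K).digest();
  if (tag.length !== want.length || !crypto.timingSafeEqual(tag, want)) return null;
  const d = crypto.createDecipheriv('aes-256-cbc', P.enc, iv);
  return Buffer.concat([d.update(K), d.final()]);
}

// Encrypt file data under k; the per-file IV is stored in front.
// CBC alone gives no integrity; this sketch leaves the file unauthenticated.
function encryptFile(k, data) {
  const iv = crypto.randomBytes(16);
  const c = crypto.createCipheriv('aes-256-cbc', k, iv);
  return Buffer.concat([iv, c.update(data), c.final()]);
}

function decryptFile(k, blob) {
  const d = crypto.createDecipheriv('aes-256-cbc', k, blob.subarray(0, 16));
  return Buffer.concat([d.update(blob.subarray(16)), d.final()]);
}
```
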