Is it safe to use the hash function Sha3-256 to convert a variable length string (password) to a 256bits fixed length key used in AES-256-CTR?
Also, I would be grateful if you could tell me any best practices related to it.
string password = "password" print (GetByteCount (password)) // 8  byte key = sha3.Sum256 (password) print (GetByteCount (key)) // 32  byte encryption = aes.CTR.Encrypt (key, plaintext)
Answer # 1
Using a simple hash of a password as an encryption key makes it vulnerable to password dictionary attacks. It may be okay in practice if the password is strong enough, but at least key generation with a simple hash is not a best practice.
I think the best practice for password encryption is PKCS # 5: Password-based encryption specification version 2.1 (RFC 8018). I find it difficult to read RFC 8018, but RFC 8018 recommends a method called PBKDF2 as a key derivation function. PKBDF2 is available in many programming languages and should be considered.
The title "Key padding" is incorrect, isn't it? Padding is to fill in the remaining part of the last block in the block cipher.
- authentication - many services send raw passwords as they are when logging in, but can the "server administrator" not misuse the
- security : Where does database encryption occur? at which level?
- which is the best security method for generating random byte sequences in ruby?
- i don't know how to connect remotely to windows on azure securely
- about encryption in java
- i want to decrypt the value hashed with php's crypt function
- about crm security
- php - encryption/decryption with sha256 etc
- php - encryption/decryption with fujisha256 etc