Mohsin wrote:

> >> Attaching patch7.zip encryption Key_strengthening
> >>
> >> Changes:
> >> 1. added 8-byte salt to file header,
> >> 2. sha256_key takes password, salt, salt_len  (salt is binary, not
> >> null terminated)
> >> 3. sha256_seed also generates salt along with iv.
> >> 4. bf_key_init takes password and salt.
> >> 5. bf_key_init converts ascii hex key[64] to binary key[32] (this
> >> change is independent of the 1..4 above)

Can we avoid the intermediate step with ascii hex?

> >> Also attached is vc-proj.zip (contains dsp and dsw project files).
> >> The HG repository didn't have these files, so I copied them from an
> >> older source tree.
> >> Might be useful to others on this list using vc++ on windows to debug.
> >
> > Can you explain what this does, how it makes the encryption stronger,
> > and if there is any impact on performance?  A link to a page that
> > explains it would be helpful.
> 
> Here is the doc for salting, this can be added to the code:
> 
> http://en.wikipedia.org/wiki/Key_strengthening
> 
> Its summary is:
> 
> The salt is a random number concatenated to the password to create a
> one time key.
> 
> This prevents someone from precomputing keys (dictionary),
> because the salt is different in each file.

We already had the seed for this.  The wiki page actually describes a
method to feed the password through an algorithm that costs time, to
increase the time needed for a brute force attack.

Instead of using both a seed and a salt, can we use one?  Hmm, I suppose
using two different strings adds to the strength.

> The key computation is slowed down for offline attack;
> this prevents someone with the file+salt but not the password,
> from using brute force -
> That is they feed all passwords 'a', 'aa', ... but they should NOT
> have enough time to try all 8 char passwords.
> 
> ===
> Other docs that relate to this code:
> 
> http://en.wikipedia.org/wiki/Blowfish_%28cipher%29
> http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

OK.  I'm not sure if we really need this for Vim, or perhaps in limited
form.  I would like this to work well on slow machines.  One important
difference from many other applications of cyphers is that Vim has no
check if the correct key is used.  The attacker has to know something
that must exist in the file, literally.  That also makes attacks a lot
slower.

You use a strengthen_key value of 1000.  Why not 100 or 10000?
Perhaps we should put this value in the header as well, so that we can
change it over time?

About the code: Please, please use the Vim formatting style.


Another question: I would like to also encrypt the swapfile.  The
problem is that this is written and read in blocks of 4Kbyte or more.
There is no predefined order in which to perform the I/O, thus each
block must be crypted and decrypted by itself.

What we could do is generate a seed or salt for each block, and store
that in the pointer block that refers to the data block.  We can
generate a new seed each time a block is written.  The pointer block
must then also be written later.  We do need to restart the encryption
for each block though.  I suppose there is no safe way to store the
state of the crypter in the file so that we can continue from there.

Another problem is when changing the key: we would need to read back all
blocks with the old key and crypt them with the new key.

-- 
"The sun oozed over the horizon, shoved aside darkness, crept along the
greensward, and, with sickly fingers, pushed through the castle window,
revealing the pillaged princess, hand at throat, crown asunder, gaping
in frenzied horror at the sated, sodden amphibian lying beside her,
disbelieving the magnitude of the frog's deception, screaming madly,
"You lied!"
    - Winner of the Bulwer-Lytton contest (San Jose State University),
      wherein one writes only the first line of a bad novel

 /// Bram Moolenaar -- b...@moolenaar.net -- http://www.Moolenaar.net   \\\
///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\        download, build and distribute -- http://www.A-A-P.org        ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///
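The salted, iterated key derivation Mohsin describes, with the iteration count kept in the header as Bram suggests, as an added Python illustration. This is not the patch's code: the function names, the header layout and the exact re-hashing scheme are assumptions made here.

```python
import hashlib
import os
import struct

# Constructed illustration of the salted, iterated key derivation being
# discussed. Function names, the header layout and the exact iteration
# scheme are assumptions for this example, not the patch's code.

SALT_LEN = 8                 # the patch adds an 8-byte binary salt to the header
DEFAULT_ITERATIONS = 1000    # the strengthen_key value Mohsin chose
HEADER_FMT = ">8sI"          # assumed: 8-byte salt, 4-byte iteration count


def strengthen_key(password: bytes, salt: bytes, iterations: int) -> bytes:
    """Derive a 32-byte key from password and raw (not NUL-terminated) salt.

    SHA-256 over password||salt, then re-hashed (iterations - 1) more times
    with the salt mixed back in. The digest stays binary throughout, so the
    ASCII-hex intermediate that Bram questions is not needed.
    """
    if len(salt) != SALT_LEN:
        raise ValueError("salt must be exactly %d bytes" % SALT_LEN)
    if iterations < 1:
        raise ValueError("iterations must be >= 1")
    key = hashlib.sha256(password + salt).digest()
    for _ in range(iterations - 1):
        key = hashlib.sha256(key + salt).digest()
    return key


def key_via_ascii_hex(password: bytes, salt: bytes) -> bytes:
    """One-round variant that detours through 64 hex chars, for comparison."""
    hex_key = hashlib.sha256(password + salt).hexdigest()   # ASCII hex key[64]
    return bytes.fromhex(hex_key)                            # back to key[32]


def new_salt() -> bytes:
    """Fresh random salt per file (the role sha256_seed plays for salt and iv)."""
    return os.urandom(SALT_LEN)


def make_header(salt: bytes, iterations: int) -> bytes:
    """Store salt and iteration count so the cost can be raised over time."""
    return struct.pack(HEADER_FMT, salt, iterations)


def parse_header(header: bytes):
    """Read back salt and iteration count from the start of a file header."""
    salt, iterations = struct.unpack_from(HEADER_FMT, header)
    return salt, iterations
```

The same password with two different salts yields two different keys, which is what defeats a precomputed dictionary; the one-round binary and hex-detour paths give the identical 32 bytes.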

-- 
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
