Reliable way to determine if the wrong key is used in decryption aes256

Question

Reliable way to determine if the wrong key is used in decryption aes256

I have some code that I use to encrypt and decrypt some strings in an ios application. The code includes the use of CCCrypt. Is there a reliable way to verify the correctness of the key used without actually storing the key anywhere? From my research, it seems that the only way to get closer to saying whether a key is valid is to use key lengths and key hashes. Can someone lead me in the right direction?

+5

ios objective-c encryption commoncrypto

Kris gellci Jan 24 '13 at 2:40

source share

3 answers

, . : . , , .

, , (, bcrypt, salt hash, ..).

, -, , , , (, ASCII, - ..) . , , (, MSB, ), , . , .

0

Peter Elliott 24 . '13 15:14

, . :

a) ,

b) You can always attach the hash of the orginial message to the encrypted message (if you can control it). In this case, you can decrypt the message, get the hash of the decrypted message and compare it with the hash of the original message. If they are eqaul, then the correct key was used to decrypt.

0

Victor ronin Jan 24 '13 at 15:24

source share

Rob Napier · Accepted Answer · 2013-01-24T17:17:52+0000

Getting the answer will require a little information about the correct encryption. You may already know this, but most people do it wrong, so I cover it. (If you encrypt the password and do not encode at least HMAC, two salts and IV, you are doing it wrong.)

First, you must use HMAC (see CCHmac()) each time encryption in non-authentication mode (for example, AES-CBC). Otherwise, attackers can modify your encrypted text in ways that force it to decrypt into another message. See modaes for an example of this attack. HMAC is a cryptographically secure key based hash.

-, , KDF . PBKDF2. .

, , : HMAC.

, , , , HMAC , . RNCryptor.

: , , .

, , HMAC . , . , aescrypt. , "" , , PBKDF2, HMAC, . - , .

Reliable way to determine if the wrong key is used in decryption aes256

More articles: