http://www.perlmonks.org?node_id=374349


in reply to Re^2: Opening an Encrypted DB_File database
in thread Opening an Encrypted DB_File database

If you encrypt a file with a known format (like a DB file), wouldn't an attacker have information to assist in decrypting the entire file? I thought it was recommended not to encrypt data that was predictable or known, because it gave a target to shoot for.

Just my $0.02 USD.

--MidLifeXis

Re^4: Opening an Encrypted DB_File database
by crabbdean (Pilgrim) on Jul 14, 2004 at 18:10 UTC
    Yeah, I thought about that ... but considered it's better than not encrypting it at all. If I left it unencrypted they definitely would know the format.

    In addition I've written it to use 2 ciphers, both with different 256-bit keys, and both keys are based on two different passwords which are themselves encrypted by two different 256-bit ciphers. On top of that the contents of the file are encrypted in a different cipher than the file encryption. Additionally the contents remain in an encrypted state in memory. The GUI requires an 8-digit password plus an 8-digit PIN that can only be entered manually via a keypad on the GUI, and the program has a 30-second delay before it runs again. That should stop any brute force attempts. Any other ideas are welcome. :-)

    Dean
    The Funkster of Mirth
    Programming these days takes more than a lone avenger with a compiler. - sam
    RFC1149: A Standard for the Transmission of IP Datagrams on Avian Carriers
      Using two different ciphers and two 256-bit keys is overkill. One good symmetric cipher is the strongest part of any cryptosystem. The 256-bit key is well beyond being brute forced. The password, and system for making the key from the password, are the weak point. 2^256 is much larger than 10^16.
        Yeah, a bit of overkill, but looking forward I considered that a year ago 128 bit used to be considered strong, whereas a year later it's not. Yeah, the password bit is the weak point but I'm not sure how to strengthen that. I have to consider that a user must get into the program somehow (relatively easily) but also consider that IF a hacker got in they'd then have access to ALL their passwords. It needs a good strong front door. :-) Any ideas are welcome.

        Also, how did you derive 10^16? Just curious. Thanks again.

        Dean
        The Funkster of Mirth
        Programming these days takes more than a lone avenger with a compiler. - sam
        RFC1149: A Standard for the Transmission of IP Datagrams on Avian Carriers
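
Added example, not part of any post in this thread: it works through the 2^256 versus 10^16 comparison for a 16-digit secret (8-digit password plus 8-digit PIN, one reading of where 10^16 comes from) and shows how a slow key derivation changes the cost of guessing against a copied file, where the GUI's 30-second delay does not apply. PBKDF2 is a choice made for this example, since the thread names no derivation scheme; the secret, salt, iteration count and the 1e9 guesses/s rate are constructed or assumed values.

```perl
#!/usr/bin/perl
# Added example: effective strength of a key derived from a 16-digit secret.
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256);
use Time::HiRes qw(time);

# PBKDF2-HMAC-SHA256 (RFC 8018) built from core modules only.
sub pbkdf2_sha256 {
    my ($password, $salt, $iterations, $dklen) = @_;
    my $out = '';
    for (my $block = 1; length($out) < $dklen; $block++) {
        # Digest::SHA takes the data first and the HMAC key last.
        my $u = hmac_sha256($salt . pack('N', $block), $password);
        my $t = $u;
        for (2 .. $iterations) {
            $u = hmac_sha256($u, $password);
            $t ^= $u;    # bitwise string XOR of two 32-byte values
        }
        $out .= $t;
    }
    return substr($out, 0, $dklen);
}

# Bits of strength for a secret chosen uniformly from $alphabet ** $length values.
sub secret_bits {
    my ($alphabet, $length) = @_;
    return $length * log($alphabet) / log(2);
}

# 8-digit password + 8-digit PIN = 16 decimal digits = 10^16 possibilities.
printf "16 digits: %.1f bits of secret feeding a 256-bit key\n", secret_bits(10, 16);

# Constructed sample values; a real salt is random and stored beside the file.
my ($secret, $salt, $iter) = ('4815162342108042', 'constructed-salt', 20_000);
my $start = time;
my $key   = pbkdf2_sha256($secret, $salt, $iter, 32);
my $cost  = time - $start;    # seconds per guess at this machine's speed
printf "derived %d-bit key: %s\n", 8 * length($key), unpack('H*', $key);

# An exhaustive search covers half the space on average.
my $avg  = 10**16 / 2;
my $year = 365.25 * 24 * 3600;
printf "through the GUI, one try per 30 s:  %.1e years\n", $avg * 30 / $year;
printf "offline, stretched (%.3f s/guess):  %.1e years\n", $cost, $avg * $cost / $year;
printf "offline, unstretched at 1e9/s:      %.1f days\n", $avg / 1e9 / 86400;   # assumed rate
```

The derived key is 256 bits long, but an attacker who knows the scheme only has to search the roughly 53 bits of input, so the iteration count and the size of the secret set the real cost, not the cipher's key length.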