Search found 3 matches
- Wed Apr 04, 2012 8:58 am
- Forum: AES Crypt
- Topic: AES Crypt key generation
- Replies: 3
- Views: 9482
Re: AES Crypt key generation
Yes that seemed to bother me a bit! Master key should be dependent somehow on the password. Maybe instead of using SHA-256 you can use SHA-512 derived from password and random salt (8192 times ofcourse) and cut the 512 bit output into 2 256 bit keys K-1 and K-2 in future designs maybe! That way the ...
- Tue Apr 03, 2012 12:13 pm
- Forum: AES Crypt
- Topic: AES Crypt key generation
- Replies: 3
- Views: 9482
AES Crypt key generation
There seem to be 2 flaws in design. First I don't know why the encrypted key needs to be placed in the encrypted file as well. Like TrueCrypt that never stores a hash of password or the encrypted key.
Secondly, key is randomly created can be a problem which means the key is not actually dependent ...
Secondly, key is randomly created can be a problem which means the key is not actually dependent ...
- Tue Jan 31, 2012 9:54 am
- Forum: AES Crypt
- Topic: Sha256 executable
- Replies: 1
- Views: 5229
Sha256 executable
Hello... I just wanted to ask you about verifiable downloads or signature files like we see in gpg4win or truecrypt. Also i wanted to ask you that the file size of encrypted file is significantly larger by about 150 bytes (excluding AES CREATED_BY (windows) 3.06 etc) ! What is the extra data ...