Hello All,
the generation of the AES key is based on a password based encryption (PBE) mechanism, right?
I couldn't find any information regarding this topic. May you please provide some information about the applied algorithm and so on.
Is the underlying mechanism "save" (cf. http://www.javamex.com/tutorials/crypto ... tion.shtml)?
I really appreciate your help.
Thank you very much.
Password based encryption, how is the AES key generated?
- paulej
- Posts: 593
- Joined: Sun Aug 23, 2009 7:32 pm
- Location: Research Triangle Park, NC, USA
- Contact:
Re: Password based encryption, how is the AES key generated?
The source code for AES Crypt is entirely open, so you can see exactly what AES Crypt does with the user's password. It's hashed thousands of times against random values to produce a strong key used for encrypting and decrypting. There are actually two different keys used, but it's best to just read through the source code. The easiest code to follow is the Linux source code. Look at the function aescrypt.c file.