Scrypt salts can safely be stored with derived hashes in plaintext. Alex
On Sat, Jan 11, 2025 at 10:02 AM Sriram R <sramac...@gmail.com> wrote: > > Last question, does the salt data need to be encrypted when storing or is it > not sensitive information? > > > On Sat, Jan 11, 2025, 6:22 AM Alex Gaynor <alex.gay...@gmail.com> wrote: >> >> In general, using the output of a KDF as the key for symmetric >> encryption is fine. >> >> Alex >> >> On Fri, Jan 10, 2025 at 5:01 PM Sriram R via Cryptography-dev >> <cryptography-dev@python.org> wrote: >> > >> > Hello, >> > >> > I'm generating a key using Scrypt from a password supplied by the user. I >> > then use this key as follows. This works but my question to the experts: >> > is this an acceptable way to use the AESGCMSIV cipher? Am I doing >> > something that's fundamentally against best practices? In the examples on >> > the Cryptography site, the sample code snippet uses >> > AESGCMSIV.generate_key() method to generate the key instead. The >> > requirement I have is to generate the key that's based on a password. >> > >> > def gen_salt(size=32): >> > return secrets.token_bytes(size) >> > >> > def der_key(salt, password): >> > kdf = Scrypt(salt=salt, length=32, n=2**20, r=8, p=1) >> > return kdf.derive(password.encode()) >> > >> > def gen_symmkey(salt, password): >> > symmkey = der_key(salt, password) >> > return symmkey >> > >> > key = gen_symmkey(salt, password) >> > aesgcmsiv = AESGCMSIV(key) >> > >> > ct = aesgcmsiv.encrypt(nonce, file_data, aad) >> > with open(fname, "wb") as outfile: >> > outfile.write(ct) >> > >> > Best, >> > PE >> > >> > _______________________________________________ >> > Cryptography-dev mailing list >> > Cryptography-dev@python.org >> > https://mail.python.org/mailman/listinfo/cryptography-dev >> >> >> >> -- >> All that is necessary for evil to succeed is for good people to do nothing. -- All that is necessary for evil to succeed is for good people to do nothing. _______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
