AES128, rather.

Sent from my iPhone

On Oct 11, 2013, at 11:26 AM, Phillip Hallam-Baker <hal...@gmail.com> wrote:

> All,
> 
> Quick question, anyone got a good scheme for key stretching?
> 
> I have this scheme for managing private keys that involves storing them as 
> encrypted PKCS#8 blobs in the cloud.
> 
> AES128 seems a little on the weak side for this but there are (rare) 
> circumstances where a user is going to need to type in the key for recovery 
> purposes so I don't want more than 128 bits of key to type in (I am betting 
> that 128 bits is going to be sufficient to the end of Moore's law).
> 
> 
> So the answer is to use AES 256 and stretch the key, but how? I could just 
> repeat the key:
> 
> K = k + k
> 
> Related key attacks make me a little nervous though. Maybe:
> 
> K = (k + 01234567) XOR SHA512 (k)
> 
> 
> -- 
> Website: http://hallambaker.com/
> _______________________________________________
> The cryptography mailing list
> cryptography@metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography

Reply via email to