You could consider using the passphrase as an AES key. I would require the passphrase be at least 16 characters, preferably with non-standard words (use mixed case, numbers and symbols to avoid a dictionary attack). If it can be <16 there may be ways to secure it, still, depending on your situation. For instance, using the MAC address of the host PC to fill in the missing bytes if the host will always be the same for a given passphrase.

I think this would be secure, but would love to hear more knowledgeable crypto people chime in on it.

At 11:50 AM 9/11/2003 +0400, you wrote:
Hello again,

I'm going to use the following algorithm:

key_size=0
string=pass-phrase
key_from_string=""
while(key_size < key_required_size)
{
 key_from_string+=SHA1(string)
 string+=key_from_string
 key_size += 20 bytes
}
The obtained key_from_string is key for encryption.

Is it secure to use the following algorithm?
Does CryptoPP suggest something better?

Best Regards,
Voronkov Konstantin

----- Original Message -----
From: "Voronkov Konstantin" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 10, 2003 4:04 PM
Subject: encryption with pass-phrase


> Hello All!
>
> Is there a way to encrypt something with pass-phrase instead of key
> with CryptoPP 4.2? If not what is a standard and secure way for
> generating encryption key from pass-phrase?
>
> Best Regards,
> Voronkov Konstantin
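
Added example, not part of the thread and not Crypto++ code (Python's standard hashlib is used so it runs without the library): the SHA1 loop from the quoted message beside a salted, iterated derivation (PBKDF2-HMAC-SHA256). The function names, sample passphrase, salt size, iteration count and the truncation to the requested key length are assumptions.

```python
import hashlib
import hmac
import os

SAMPLE = b"correct horse battery staple"  # constructed sample passphrase


def thread_kdf(passphrase: bytes, key_len: int) -> bytes:
    """The loop from the quoted message; truncation to key_len is assumed."""
    string = passphrase
    key = b""
    while len(key) < key_len:
        key += hashlib.sha1(string).digest()  # adds 20 bytes per round
        string += key
    return key[:key_len]


def pbkdf2_key(passphrase: bytes, key_len: int, salt: bytes = None,
               iterations: int = 600_000):
    """Salted, iterated derivation. Store salt and iterations with the
    ciphertext; neither is secret. The iteration count is an assumed
    work factor to tune for the target hardware."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt for each encryption
    key = hashlib.pbkdf2_hmac("sha256", passphrase, salt, iterations,
                              dklen=key_len)
    return salt, key


def observations(passphrase: bytes = SAMPLE, iterations: int = 600_000) -> dict:
    """Properties that matter when judging a passphrase-to-key scheme."""
    sha1 = hashlib.sha1(passphrase).digest()
    salt_a, key_a = pbkdf2_key(passphrase, 32, iterations=iterations)
    _, key_b = pbkdf2_key(passphrase, 32, iterations=iterations)
    _, again = pbkdf2_key(passphrase, 32, salt=salt_a, iterations=iterations)
    return {
        # A 16-byte key from the loop is one unsalted SHA1 of the passphrase,
        # so each passphrase guess costs an attacker a single hash.
        "loop_16_is_single_sha1": thread_kdf(passphrase, 16) == sha1[:16],
        # No salt: the same passphrase always maps to the same key, so one
        # precomputed table works against every user and every file.
        "loop_is_unsalted": thread_kdf(passphrase, 32) == thread_kdf(passphrase, 32),
        # Different salts give unrelated keys for the same passphrase.
        "pbkdf2_differs_per_salt": key_a != key_b,
        # Decryption re-derives the key from the stored salt.
        "pbkdf2_rederives": hmac.compare_digest(key_a, again),
    }


if __name__ == "__main__":
    for name, value in observations().items():
        print(f"{name}: {value}")
```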


