Hi Carsten,

Great. Thank you!

Tankred
On 04.05.2012 18:01, "Carsten Wentzlow" <[email protected]> wrote:

> Hi!
> ~~~
>
> On 05/04/2012 11:45 AM, Carsten Wentzlow wrote:
> > On 05/04/2012 11:17 AM, Tankred Hase wrote:
> >>     You are correct the result would be a different cipher text each time.
> >>
> >>
> >>     > According to rfc4880 the block size for AES is 16 octets. Perhaps it would make sense to use sha256 and use the bytes 0-15 as the encryption key and the bytes 16-31 as the randomPrefix.
> >>     >
> >>
> >>     As already described the standard defines this prefix to be random. I am not a crypto expert and so I can't answer if this is considered secure or not. I am tempted to say this could be a solution.
> >>
> >>
> >> Since I am trying to integrate external OAuth storage services such as Google Drive, deduplication of encrypted file blobs is currently not an issue anymore (Google should have enough storage ;)).
> >>
> >> Instead of using convergent encryption and generating a key for the files using SHA operations, I would like to generate 256 bit keys and 16 octets for the 'randomPrefix' using window.crypto.generateRandomValues()... this would be done before invoking the web worker, as to not have a reference to window in the worker code.
> >>
> >> One question regarding this: Does OpenPGP.js take any extra precautions when generating session keys used for symmetric encryption, or can I just use the output of crypto.generateRandomValues as my symmetric crypto key?
> >>
> > The Key and the Prefixrandom are secure random bytes taken from openpgp_crypto_getRandomBytes passed to openpgp_crypto_symmetricEncrypt. Please keep in mind that both strings MUST have the block-size length of the cipher used. For doing so you can use openpgp_crypto_getPrefixRandom(algo) with the algorithm number as argument. This calls openpgp_crypto_getRandomBytes with the correct amount of bytes.
>
> Well, that was incorrect. Only the prefixrandom MUST always be the
> block-size. To generate the key you can use function
> openpgp_crypto_generateSessionKey(algo) to create a key which is also just
> calling openpgp_crypto_getRandomBytes with the correct amount of bytes to
> generate. Not all algorithms used have the same block and key size, sorry.
>
> best regards,
> carsten
>
> _______________________________________________
>
> http://openpgpjs.org
>
_______________________________________________

http://openpgpjs.org
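
The sizing rule discussed in this thread (key length and prefix length differ per cipher) as an added example; it is not part of the original messages and not OpenPGP.js code. The function names are hypothetical, the sizes are those of the RFC 4880 symmetric algorithm IDs, and the random source is assumed to be the Web Crypto `getRandomValues` call.

```javascript
// Added example: hypothetical helpers, not OpenPGP.js functions.
// Web Crypto CSPRNG: global in browsers/workers, module export on older Node.
const rng = globalThis.crypto || require('crypto').webcrypto;

// RFC 4880 section 9.2 symmetric algorithm IDs -> sizes in octets.
const SYM_ALGOS = {
  2: { name: 'TripleDES', key: 24, block: 8 },
  3: { name: 'CAST5', key: 16, block: 8 },
  4: { name: 'Blowfish', key: 16, block: 8 },
  7: { name: 'AES-128', key: 16, block: 16 },
  8: { name: 'AES-192', key: 24, block: 16 },
  9: { name: 'AES-256', key: 32, block: 16 },
  10: { name: 'Twofish', key: 32, block: 16 },
};

function randomOctets(n) {
  const out = new Uint8Array(n);
  rng.getRandomValues(out);
  return out;
}

// Key is key-size octets, prefix random is block-size octets; an unknown
// algorithm ID is rejected instead of silently falling back to a default size.
function generateSymmetricMaterial(algo) {
  const spec = SYM_ALGOS[algo];
  if (!spec) throw new RangeError('unsupported symmetric algorithm id: ' + algo);
  return {
    algo,
    key: randomOctets(spec.key),
    prefixRandom: randomOctets(spec.block),
  };
}

// RFC 4880 section 13.9: the OpenPGP CFB plaintext starts with block-size
// random octets followed by a copy of the last two of them.
function cfbPrefix(prefixRandom) {
  const n = prefixRandom.length;
  const out = new Uint8Array(n + 2);
  out.set(prefixRandom);
  out.set(prefixRandom.subarray(n - 2), n);
  return out;
}
```
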
