I am developing a procedure and file format for an encryption application. I came to the conclusion that I need to make a decision regarding the encryption method / workflow. I can not decide on the pros and cons of using one approach over another.
The following is an overview of the format structure:
------------------------------------------
| File signature || fixed | plain |
| ---------------- || ---------- | ----------- |
| Algorithm info || fixed | plain |
| ---------------- || ---------- | ----------- |
| Seed || fixed | encrypted |
| ---------------- || ---------- | ----------- |
| Data || variable | encrypted |
| ---------------- || ---------- | ----------- |
| CRC || fixed | encrypted |
------------------------------------------
At first I use SHA-256 for the Hash function and AES-256 for the encryption algorithm, but later it will be configured as the format offers.
Suggested procedure for creating an encrypted container:
- Hash (Password) => Key-Pass
- Generate random seed
- Key-Pass XOR Seed => Key-Seeded
- Encrypt Seed with Key-Pass and Store Encrypted Seed
- Encrypt data with Key-Seeded and store encrypted data
- Key-Seeded CRC Encryption and Saving Encrypted CRC
Questions
A. Do I get anything from storing encrypted seeds and CRC? Would it be safer if I did not store them in encrypted form?
B. Is this more or less a difference in the security of using [Hash (Password + Seed)] for generating keys, and not for the profile [Hash (Password) XOR Seed] for the final key
C. The final question of the two questions above. It would be better or worse to use an alternative procedure to create an encrypted container:
- Hash (Password + Seed) => Key
- Store unencrypted seeds
- Encrypt data with a key and store encrypted data
- Store unencrypted CRC (or encrypted)
I think I would need to store an unencrypted seed in order to recover the key when reading encrypted content. CRC can be either encrypted or unencrypted.
source share