![]() You leave that up to the user / client to enter when needed, make the key storage somebody else's problem. You seem to want to know: How do I securely store a key? At the same time, they don't cost any security, because while there is less entropy (unguessability) per encoded byte, the encoding makes the secret (or any other data) longer by exactly the amount necessary to preserve the total entropy it had before (this follows necessarily from the "fully reversible" property). As such, they can't add any security, because there's nothing that the attacker doesn't know. ![]() None whatsoever, in either direction, for either encoding (or even both of them together, if you want to waste space and CPU cycles).Įncodings are fully reversible and easily recognizable they are not keyed, there's no secret to them whatsoever. Your confusion might be based on: How much security is added or lost by encoding a secret, such as a key, in Hex or Base64? You asked: How safe is AES 256bitkey encoded in HEX, Base64?Įxactly as safe as any other data stored in the same place or transmitted via the same connection as the key. You seem dangerously confused about this whole topic, so I'm going to answer the question as asked, and then a few others you might have meant (or should have meant), and explain what's going on and what you should actually do. So what should be the correct way to store the key256Bits and can be easily to retrive later? I'm new to this, correct me if wrong. And that is easy for brute force then convert back to array of bytes(the returned key from generateKey(passphrase)) then put into decrypt the realData? Is it the correct way? Can the key256Bits be stored in SQL(or a file) database then retrived later for decrypting?Īlso the encoding readable(Hex, Base64) string of generateKey(passphrase) (which in Crypto-JS I can just use key256Bits.toString()) does not contain any special characters if hex or only '/,+' and wierd ending '=' if base64. I am using CryptoJS AES 256 encryption: (realData, generateKey(passphrase), )
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |