I am using C# RijndaelManaged class for AES encryption. The key and IV are generated from input password and salt using Rfc2898DeriveBytes class. My question is, how difficult would it be to break encryption if someone obtained input password but not the salt?
Breaking Rfc2898DeriveBytes key with input password but without salt
1k views Asked by SoftwareFactor At
1
There are 1 answers
Related Questions in .NET
- Does compiler optimize operation on const variable and literal const number?
- What is the point of definnig Asp.net Intrinsic Objects In different places and what is the different betwen them?
- Deleting Orphans with Fluent NHibernate
- IOrderedEnumerable to vb.net IOrderedEnumerable Conversion
- What is this namespace ITypeOfObjectsBoundToListBox ? Couldn't find it
- .net rest service with JSON string and consumed with java client
- What is best way to check if any of the property of object is null or empty?
- Telerik's WPF RadColorPicker NoColorText property not working
- Possible consequences of duplicate ProgId for different classes
- How are multiple requests to Task.Run handled from a resource management standpoint?
Related Questions in AES
- Do I have to randomize key in OpenSSL
- AES 256 and Base64 Encrypted string works on iOS 8 but truncated on iOS 7
- Encrypting (large) files in PHP with openSSL
- 32-character PHP AES Key for mcrypt_encrypt
- Javascript library forge does not work in Internet Explorer IE8
- ImportError: No module named Crypto
- AES CBC - Have message input and output and IV and have to find key
- AES with PKCS#5 padding
- Sage Pay Forms V3.00 AES-128 Encryption VB.Net
- C# AES and RSA File Encryption - How to use IV?
Related Questions in RIJNDAEL
- 32-character PHP AES Key for mcrypt_encrypt
- Rijndael file encryption / decryption
- Padding is invalid and cannot be removed with Rijndael
- What is the corresponding Powershell module for the PHP encryption library using MCRYPT_RIJNDAEL_256?
- Decrypt RIJNDAEL-128 in Java
- How Can/Should I Test The AES Algorithm
- Read Rijndael encrypted file in memory itself to decrypt
- CRijndael only encrpyting first 32 bytes of longer string
- Mobile rijndael algorithm implementation
- DeflateStream / GZipStream to CryptoStream and vice versa
Related Questions in RIJNDAELMANAGED
- Rijndael file encryption / decryption
- unable to de-serialize data
- Random characters at beginning of decrypted data
- openssl returns Bad Magic Number
- Decryption with invalid key not always throws CryptographicException
- C# equivalent encryption decryption for Java
- exception when decrypting with Rijndael
- Index out of range when decrypting a file
- Decrypt text iOS
- PHP mcrypt_encrypt to .NET
Related Questions in RFC2898
- Choosing salt and key size for Rfc2898DeriveBytes
- Encryption implementation corrupting only last few bytes
- Generate Rfc2898DeriveBytes key in JavaScript from C#
- How does RFC2898DeriveBytes generate an AES key?
- Password hashing different salt with same username
- How to use CryptoJS in Angular 9 to get same encrypted string like C# Rfc2898DeriveBytes
- How many bytes should a password hash be when using Rfc2898DeriveBytes?
- Breaking Rfc2898DeriveBytes key with input password but without salt
- PasswordDeriveBytes vs Rfc2898DeriveBytes, Obsolete but way faster
- Public Overrides Function GetBytes() As Byte() is obsolete
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Popular Tags
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
It would be close to impossible to retrieve the key and IV. Actually, sometimes a static, secret salt stored in source code is used in addition to the public random salt. In that way an attacker is required to get the source or runtime code in addition to the database with the salts and password hashes.
This kind of scheme does require a large enough (secret) salt, say 128 bytes. It would be best to use concatenation to create the combined public and secret salt.
Of course, it is always possible to mess up the encryption otherwise, e.g. by being vulnerable to padding oracle attacks, forgetting an authentication tag (HMAC) in addition to encryption, etc. etc. etc.