Password Based Encryption

W

William Colls

I am working on a project in which we will need to encrypt some files.
For reason beyond my control, we will have to use Password Based
Encryption, and for the most part we have that working. However, I have
not, so far, been able to find any guidance that we can give our users
with respect to the password it self: Minimum length? Maximum Length?
Does case matter? We assume that the usual rules for "Strong Passwords"
will apply.

If anyone has useful pointers or links that will help in this regard,
they will be greatly appreciated.

Thanks for your time.

William.
 
A

Arne Vajhøj

I am working on a project in which we will need to encrypt some files.
For reason beyond my control, we will have to use Password Based
Encryption, and for the most part we have that working. However, I have
not, so far, been able to find any guidance that we can give our users
with respect to the password it self: Minimum length? Maximum Length?
Does case matter? We assume that the usual rules for "Strong Passwords"
will apply.
Click to expand...

To fully utilize a standard encryption algorithm like AES 128 then
you need a password that has 128 bits of real entropy and are
nit in any dictionaries. That will be a relative long password.
I guess you can call it passphrase!

Arne
 
M

markspace

I am working on a project in which we will need to encrypt some files.
For reason beyond my control, we will have to use Password Based
Encryption, and for the most part we have that working. However, I have
not, so far, been able to find any guidance that we can give our users
with respect to the password it self: Minimum length? Maximum Length?
Does case matter? We assume that the usual rules for "Strong Passwords"
will apply.

If anyone has useful pointers or links that will help in this regard,
they will be greatly appreciated.
Click to expand...


Iirc, there's quite a lot of algorithms that are grouped under the
general description of "password based." Can you say specifically what
you are using, and what parameters you use in the Java API? (I assume
you're using the Java API.)

Otherwise, there might be far to many options to really cover anything
more than just general platitudes.
 
R

Roedy Green

I am working on a project in which we will need to encrypt some files.
For reason beyond my control, we will have to use Password Based
Encryption, and for the most part we have that working. However, I have
not, so far, been able to find any guidance that we can give our users
with respect to the password it self: Minimum length? Maximum Length?
Does case matter? We assume that the usual rules for "Strong Passwords"
will apply.
Click to expand...

see http://mindprod.com/jgloss/jce.html
If will do most of the well known types of encryption.

If you need something very lightweight that you can verify for
yourself contains no trapdoors, see
http://mindprod.com/products.html#TRANSPORTER
--
Roedy Green Canadian Mind Products
http://mindprod.com
When you were a child, if you did your own experiment
to see if it was better to put to cocoa into your cup first
or the hot milk first, then you likely have the programmer gene..
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Encryption 6
Encryption 11
Uhhhhh, What can I do next? 6
Suggestions for new Website project 3
Insight on a coding project. 1
Strong Password encryption program? 2
Java Encryption newbie 5
Beginner's Guide to getting CipherSweet working with PDO and MYSQL 1

Members online

Total: 68 (members: 3, guests: 65)
Robots: 467

Forum statistics

Threads
473,994
Messages
2,570,223
Members
46,815
Latest member
treekmostly22

Latest Threads

Top