Using MD5 to generate an encryption key from password?

This article on Key strengthening might help you. Basically you want to make the key stronger (more entropy than in a password) and make its derivation from the password reliably time consuming.

Thanks, that's exactly what I was looking for. – Charles Oct 1 '09 at 13:19.

Well, as your post is general, let me state a few general things: MD5, SHA-0, SHA-1 are all broken hashes, and you should not use them for any cryptographic purpose, use SHA-2. You should, generally, use well-known and documented approaches to deriving keys from passwords (you don't mention what language, please say which one you are using). When doing any sort of security programming, the most important thing to do is, before you do anything, strictly document your 'threat model'.

This is basically a listing of all the attacks you are trying to prevent, and how you will do it, and also what sort of attacks you can't prevent against. It's quite fun to do, and you'll get to learn about all the attacks and other interesting things.

1. The vulnerabilities in MD5 don't matter for my purposes because I'm only using it to derive a key out of a variable-length string. If an adversary ever gets the hash, the game is over anyway since that's what was supposed to be the secret all along. Collision attacks don't even enter the playing field here, as far as I know. 2. This is what I'm trying to do by asking the question above. :) The programming language doesn't matter because this is a question of theory, not implementation. But in case you're merely curious, I'm using Python. 3. This is also what I'm trying to do here. :) – Charles Oct 1 '09 at 3:54

sigh I really don't know what it will take to convince people to stop using MD5. I guess the only thing will be a compromise of systems they directly interact with. In any case, I leave it with you. I cannot stress enough how unwise it is to continue using broken algorithms, regardless of what you think you know. – Noon Silk Oct 1 '09 at 3:58

Dude, I don't think you're reading what I'm writing. :) – Charles Oct 1 '09 at 13:19

Charles, silky is right. Don't use any of the hashes he mentions. If you are asking the questions you are, you don't understand the implications of a compromised hash function (I'm not claiming I do either). Go read daemonology.net/blog/… – lambacck Oct 1 '09 at 0:38.

The answer to your new question is: you should definitely be using something like PBKDF2 to generate the key. I assume you are going to have a password (at least 10 chars, upper, lower, numbers and punctuation, right?) that will then generate an AES-256 key.

The key will be used to encrypt/decrypt the file(s). You want to use something like PBKDF2 in order to decrease the ability for someone who gets your file to figure out your key/password through brute force attacks. Using something like PBKDF2 (and a random salt!) increases the cost of breaking the encryption on the file.

What I really recommend is that you use this as a toy and not to protect something you really care about. If you are not a security expert, you are going to make mistakes, even the experts (and lots of them together) make mistakes: sslshopper.com/article-ssl-and-tls-reneg....

Thanks for the tips. I did a lot more research after I posed this question and ended up implementing PBKDF2. Most of the heavy lifting is done by libraries written by individuals much smarter than myself.

That aside, I need to start somewhere and what better way to ensure that my program is correct than to have it protecting (hopefully) my own data? I'm well aware of the risks of rolling my own solution here and fully accept them. If I finish the project, I hope to release it as open source software so that others can scrutinize the code, add fixes, and possibly publicly humiliate my work.

:) – Charles Mar 20 '10 at 13:18.
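
Added example, not part of the original thread and not the asker's code: the PBKDF2 approach recommended above, next to the single unsalted MD5 hash from the question, using Python's standard `hashlib`. The header layout, the `KDF1` magic, the function names and the iteration numbers are assumptions made for this sketch.

```python
import hashlib
import os
import struct

KEY_LEN = 32           # AES-256 key size in bytes
SALT_LEN = 16          # random per-file salt
ITERATIONS = 600_000   # assumption: tune so one derivation is noticeably slow on your hardware
MIN_ITER, MAX_ITER = 1_000, 10_000_000    # assumed sanity bounds for stored headers
MAGIC = b"KDF1"                           # constructed file marker
HEADER = struct.Struct(">4sI16s")         # magic, iteration count, salt


def md5_key(password: str) -> bytes:
    """The approach from the question: one fast, unsalted hash (128-bit output)."""
    return hashlib.md5(password.encode("utf-8")).digest()


def derive_key(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """PBKDF2-HMAC-SHA256 stretched to a 256-bit key."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=KEY_LEN
    )


def new_file_key(password: str, iterations: int = ITERATIONS):
    """Pick a fresh salt; return (header stored in clear with the file, key)."""
    salt = os.urandom(SALT_LEN)
    return HEADER.pack(MAGIC, iterations, salt), derive_key(password, salt, iterations)


def key_from_header(password: str, header: bytes) -> bytes:
    """Re-derive the key at decrypt time from the stored salt and iteration count."""
    magic, iterations, salt = HEADER.unpack(header[:HEADER.size])
    if magic != MAGIC:
        raise ValueError("not a recognised header")
    # The header is unauthenticated, so refuse absurd work factors.
    if not MIN_ITER <= iterations <= MAX_ITER:
        raise ValueError("iteration count out of range")
    return derive_key(password, salt, iterations)


if __name__ == "__main__":
    pw = "correct horse battery staple"   # constructed sample password
    h1, k1 = new_file_key(pw)
    h2, k2 = new_file_key(pw)
    print("md5 key     :", md5_key(pw).hex(), "(same for every file and user)")
    print("pbkdf2 key 1:", k1.hex())
    print("pbkdf2 key 2:", k2.hex(), "(different salt, different key)")
    print("re-derived  :", key_from_header(pw, h1) == k1)
```

The salt and iteration count are not secret and are stored with the ciphertext; only the password is.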
