[botan-devel] crypto question
timprepscius at gmail.com
Sun May 13 09:25:51 EDT 2012
Firstly, I have been using Botan in a game engine for many years now.
Your library is superb. Thank you for the excellent work you've done.
I have *never* seen a crash with regards to your code. Awesome.
My question is slightly off topic for this dev list.
I ask because I trust the developers of this library.
I've read your code, you know what you are doing.
So I'm writing an application.
This application uses pub/priv keys to encrypt data.
However, because of a requirement, the private key needs to be encrypted, and stored in a potentially violatable area.
Better than security through obscurity, but, possibly hackable.
A year from now this requirement hopefully will not exist, but I must make do for now.
I will name this: bad-private-key-encryption-which-ishouldnt-be-doing.
I'm am looking for advice on the encryption manner for the "bad-private-key-encryption-which-ishouldnt-be-doing."
So basically, the user types in:
password = "mypassword"
and then "mypassword" is used to decrypt private key.
and then the private key is used to decrypt the data.
I want an encryption method, which, best case scenario:
1. Takes significant computation time to break. Meaning, I would like the WhiteShirts to need to spend at least 6 hours, and then the InvisoShirts maybe an hour? I would be fine with 30 minutes- who knows what sort of computational extravagances the InvisoShirts have.
2. Uses a human readable key, "mypassword1234"
3. Uses a relatively small amount of computation to decrypt when provided the key. (not more then 5 seconds on a modern computer)
Any suggestions? Oh gods of encryption?
Thanks again for your efforts, regardless of how you respond to this post,
More information about the botan-devel