[botan-devel] crypto question

Timothy Prepscius timprepscius at gmail.com
Sun May 13 09:25:51 EDT 2012


Firstly, I have been using Botan in a game engine for many years now.  
Your library is superb.  Thank you for the excellent work you've done.
I have *never* seen a crash with regards to your code.  Awesome.

My question is slightly off topic for this dev list.  
I ask because I trust the developers of this library.
I've read your code, you know what you are doing.

So I'm writing an application.
This application uses pub/priv keys to encrypt data.

However, because of a requirement, the private key needs to be encrypted, and stored in a potentially violatable area.
Better than security through obscurity, but, possibly hackable.
A year from now this requirement hopefully will not exist, but I must make do for now.
I will name this:  bad-private-key-encryption-which-ishouldnt-be-doing.

I'm am looking for advice on the encryption manner for the "bad-private-key-encryption-which-ishouldnt-be-doing."

So basically, the user types in:

password = "mypassword"

and then "mypassword" is used to decrypt private key.
and then the private key is used to decrypt the data. 

I want an encryption method, which, best case scenario:

1.  Takes significant computation time to break.  Meaning, I would like the WhiteShirts to need to spend at least 6 hours, and then the InvisoShirts maybe an hour?  I would be fine with 30 minutes-  who knows what sort of computational extravagances the InvisoShirts have.

2.  Uses a human readable key, "mypassword1234"

3.  Uses a relatively small amount of computation to decrypt when provided the key.  (not more then 5 seconds on a modern computer)

Any suggestions?  Oh gods of encryption?

Thanks again for your efforts, regardless of how you respond to this post,


More information about the botan-devel mailing list