[botan-devel] crypto question

Jack Lloyd lloyd at randombit.net
Fri May 18 14:04:47 EDT 2012

On Sun, May 13, 2012 at 09:25:51AM -0400, Timothy Prepscius wrote:

> I want an encryption method, which, best case scenario:
> 1.  Takes significant computation time to break.  Meaning, I would like the WhiteShirts to need to spend at least 6 hours, and then the InvisoShirts maybe an hour?  I would be fine with 30 minutes - who knows what sort of computational extravagances the InvisoShirts have.
> 2.  Uses a human readable key, "mypassword1234"
> 3.  Uses a relatively small amount of computation to decrypt when provided the key.  (not more than 5 seconds on a modern computer)

PKCS8::BER_encode and PKCS8::PEM_encode (in pkcs8.h) will convert a
Private_Key& to a binary blob (or std::string encoding of said blob,
for PEM_encode) in a standard format. The 4-argument versions encrypt
using the password specified in the 3rd arg and the encryption
algorithm specified in the 4th (or if not set, AES-256).

Currently the PBKDF2 iteration count used with PKCS8 encoding is only 10000
(and there is no way to increase this with the current API). A rough
back of the envelope is that with this iteration count someone with a
few tens of million USD for custom hardware could break a short
password in less than an hour. A long (>10 character) password would
be safe for a fairly extended time.
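
The back-of-the-envelope reasoning above, worked as an added example that is not part of the original post and is not Botan code: it sizes the brute-force cost of a PBKDF2-protected key from password length and iteration count. The attacker and defender HMAC rates and the 36-symbol alphabet are constructed assumptions; only the 10000 iteration count and the 6 hour and 5 second targets come from the thread.

```cpp
// Added example: brute-force cost of a PBKDF2-protected key (rates are constructed assumptions).
#include <cmath>
#include <cstdio>

// Number of candidate passwords of exactly `length` symbols from an alphabet.
double keyspace(unsigned alphabet, unsigned length) {
    double n = 1.0;
    for (unsigned i = 0; i < length; ++i) n *= alphabet;
    return n;
}

// Worst-case seconds to try every candidate; the expected time is half of this.
// `prf_per_sec` is the attacker's HMAC evaluations per second (assumed input).
double seconds_to_exhaust(unsigned alphabet, unsigned length,
                          double iterations, double prf_per_sec) {
    return keyspace(alphabet, length) * iterations / prf_per_sec;
}

// Shortest password length whose full search takes at least `target_seconds`.
unsigned min_length(unsigned alphabet, double iterations,
                    double prf_per_sec, double target_seconds) {
    unsigned len = 1;
    while (seconds_to_exhaust(alphabet, len, iterations, prf_per_sec) < target_seconds)
        ++len;
    return len;
}

// Iteration count a password of `length` symbols needs to reach `target_seconds`.
double iterations_needed(unsigned alphabet, unsigned length,
                         double prf_per_sec, double target_seconds) {
    return std::ceil(target_seconds * prf_per_sec / keyspace(alphabet, length));
}

int main() {
    const unsigned alphabet = 36;     // a-z and 0-9, as in "mypassword1234"
    const double iterations = 10000;  // the PKCS8 count stated in the post
    const double attacker = 1e12;     // constructed: attacker HMAC evaluations/s
    const double defender = 1e6;      // constructed: HMAC evaluations/s on one CPU core
    for (unsigned len = 6; len <= 12; ++len)
        std::printf("length %2u: %.3g hours\n", len,
                    seconds_to_exhaust(alphabet, len, iterations, attacker) / 3600.0);
    std::printf("min length for 6 h: %u\n",
                min_length(alphabet, iterations, attacker, 6 * 3600.0));
    double it7 = iterations_needed(alphabet, 7, attacker, 6 * 3600.0);
    std::printf("7 chars needs %.0f iterations, %.2f s to decrypt\n", it7, it7 / defender);
    return 0;
}
```

Each extra symbol multiplies the search time by the alphabet size, while raising the iteration count only scales it linearly, and the defender pays that linear cost on every decrypt.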

