[botan-devel] crypto question
timprepscius at gmail.com
Fri May 18 14:56:53 EDT 2012
I really appreciate this.
On May 18, 2012, at 2:04 PM, Jack Lloyd wrote:
> On Sun, May 13, 2012 at 09:25:51AM -0400, Timothy Prepscius wrote:
>> I want an encryption method, which, best case scenario:
>> 1. Takes significant computation time to break. Meaning, I would like the WhiteShirts to need to spend at least 6 hours, and then the InvisoShirts maybe an hour? I would be fine with 30 minutes- who knows what sort of computational extravagances the InvisoShirts have.
>> 2. Uses a human readable key, "mypassword1234"
>> 3. Uses a relatively small amount of computation to decrypt when provided the key. (not more then 5 seconds on a modern computer)
> PKCS8::BER_encode and PKCS8::PEM_encode (in pkcs8.h) will convert a
> Private_Key& to a binary blob (or std::string encoding of said blob,
> for PEM_encode) in a standard format. The 4-argument versions encrypt
> using the password specified in the 3rd arg and the encryption
> algorithm specified in the 4th (or if not set, AES-256).
> Currently the PBKDF2 iterations used with PKCS8 encoding is only 10000
> (and there is no way to increase this with the current API). A rough
> back of the envelope is that with this iteration count someone with a
> few tens of million USD for custom hardware could break a short
> password in less than an hour. A long (>10 character) password would
> be safe for a fairly extended time.
> botan-devel mailing list
> botan-devel at randombit.net
More information about the botan-devel