Use SHA512 to hash a password to encrypt data
I have a C# application in which I sometimes have to encrypt some data (XML file). Basically, the problem is I cannot store any keys on a server, or directly in the code, as .NET apps can be easily disassembled with for example dotPeek.
So basically my app would encrypt XML file and save it on disk, and then would be able to decrypt it.
I came up with an idea to ask for a passphrase every time a user wants to encrypt/decrypt the data. This passphrase would be hashed with SHA512 and the resulting bytes would be used as a key to encrypt the data. Then if the user wants to decrypt the file, they are asked for a passphrase again and this passphrase is used to decrypt the file (it may fail if the user enters a wrong passphrase).
So my first question would be: Is it actually a good idea?
My second question is about the implementation. I have hashing, serialization, deserialization, but I don't know which encryption algorithm should I use (I guess not RSA as the data to be encrypted would be really long) and then can I pass the passphrase as a key to this algorithm?
c# encryption
edited Nov 18 '18 at 23:43
Camilo Terevinto
18.3k63566
asked Nov 18 '18 at 23:40
dabljuesdabljues
1577
add a comment |
I have a C# application in which I sometimes have to encrypt some data (XML file). Basically, the problem is I cannot store any keys on a server, or directly in the code, as .NET apps can be easily disassembled with for example dotPeek.
So basically my app would encrypt XML file and save it on disk, and then would be able to decrypt it.
I came up with an idea to ask for a passphrase every time a user wants to encrypt/decrypt the data. This passphrase would be hashed with SHA512 and the resulting bytes would be used as a key to encrypt the data. Then if the user wants to decrypt the file, they are asked for a passphrase again and this passphrase is used to decrypt the file (it may fail if the user enters a wrong passphrase).
So my first question would be: Is it actually a good idea?
My second question is about the implementation. I have hashing, serialization, deserialization, but I don't know which encryption algorithm should I use (I guess not RSA as the data to be encrypted would be really long) and then can I pass the passphrase as a key to this algorithm?
c# encryption
edited Nov 18 '18 at 23:43
Camilo Terevinto
18.3k63566
asked Nov 18 '18 at 23:40
dabljuesdabljues
1577
You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.
– None of the Above
Nov 18 '18 at 23:53
@Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored
– Camilo Terevinto
Nov 18 '18 at 23:54
Hashed password would be stored, not the real password
– dabljues
Nov 19 '18 at 0:16
add a comment |
I have a C# application in which I sometimes have to encrypt some data (XML file). Basically, the problem is I cannot store any keys on a server, or directly in the code, as .NET apps can be easily disassembled with for example dotPeek.
So basically my app would encrypt XML file and save it on disk, and then would be able to decrypt it.
I came up with an idea to ask for a passphrase every time a user wants to encrypt/decrypt the data. This passphrase would be hashed with SHA512 and the resulting bytes would be used as a key to encrypt the data. Then if the user wants to decrypt the file, they are asked for a passphrase again and this passphrase is used to decrypt the file (it may fail if the user enters a wrong passphrase).
So my first question would be: Is it actually a good idea?
My second question is about the implementation. I have hashing, serialization, deserialization, but I don't know which encryption algorithm should I use (I guess not RSA as the data to be encrypted would be really long) and then can I pass the passphrase as a key to this algorithm?
c# encryption
edited Nov 18 '18 at 23:43
Camilo Terevinto
18.3k63566
asked Nov 18 '18 at 23:40
dabljuesdabljues
1577
I have a C# application in which I sometimes have to encrypt some data (XML file). Basically, the problem is I cannot store any keys on a server, or directly in the code, as .NET apps can be easily disassembled with for example dotPeek.
So basically my app would encrypt XML file and save it on disk, and then would be able to decrypt it.
I came up with an idea to ask for a passphrase every time a user wants to encrypt/decrypt the data. This passphrase would be hashed with SHA512 and the resulting bytes would be used as a key to encrypt the data. Then if the user wants to decrypt the file, they are asked for a passphrase again and this passphrase is used to decrypt the file (it may fail if the user enters a wrong passphrase).
So my first question would be: Is it actually a good idea?
My second question is about the implementation. I have hashing, serialization, deserialization, but I don't know which encryption algorithm should I use (I guess not RSA as the data to be encrypted would be really long) and then can I pass the passphrase as a key to this algorithm?
c# encryption
c# encryption
edited Nov 18 '18 at 23:43
Camilo Terevinto
18.3k63566
asked Nov 18 '18 at 23:40
dabljuesdabljues
1577
edited Nov 18 '18 at 23:43
Camilo Terevinto
18.3k63566
asked Nov 18 '18 at 23:40
dabljuesdabljues
1577
edited Nov 18 '18 at 23:43
Camilo Terevinto
18.3k63566
edited Nov 18 '18 at 23:43
Camilo Terevinto
18.3k63566
edited Nov 18 '18 at 23:43
Camilo Terevinto
18.3k63566
18.3k63566
asked Nov 18 '18 at 23:40
dabljuesdabljues
1577
asked Nov 18 '18 at 23:40
dabljuesdabljues
1577
asked Nov 18 '18 at 23:40
dabljuesdabljues
1577
1577
You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.
– None of the Above
Nov 18 '18 at 23:53
@Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored
– Camilo Terevinto
Nov 18 '18 at 23:54
Hashed password would be stored, not the real password
– dabljues
Nov 19 '18 at 0:16
add a comment |
You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.
– None of the Above
Nov 18 '18 at 23:53
@Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored
– Camilo Terevinto
Nov 18 '18 at 23:54
Hashed password would be stored, not the real password
– dabljues
Nov 19 '18 at 0:16
You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.
– None of the Above
Nov 18 '18 at 23:53
You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.
– None of the Above
Nov 18 '18 at 23:53
@Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored
– Camilo Terevinto
Nov 18 '18 at 23:54
@Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored
– Camilo Terevinto
Nov 18 '18 at 23:54
Hashed password would be stored, not the real password
– dabljues
Nov 19 '18 at 0:16
Hashed password would be stored, not the real password
– dabljues
Nov 19 '18 at 0:16
add a comment |
1 Answer
1
active
oldest
votes
You've stumbled upon the idea of a Key Derivation Function (KDF). What you're suggesting is, with a few differences, an excellent idea and one used often. The small-ish issue is that SHA-512 alone is not a good KDF. I recommend you read about PBKDF2 (in .NET, the implementation is called Rfc2898DeriveBytes). Password hashes like bcrypt and argon2 are also very viable choices.
In regards to your question regarding the encryption algorithm, AES is currently considered the "standard" symmetric encryption algorithm. There are many other viable options however. Just ensure you aren't using DES or Triple-DES, they're dated algorithms. Also ensure you're using a secure block mode. GCM is arguably the "best".
answered Nov 18 '18 at 23:52
Luke Joshua ParkLuke Joshua Park
5,02651631
Thanks for the input. I actually had an enlightenment and I thought about usingProtectedData.Protect/Unprotectas its more convenient than typing a passphrase every time. What do you think?
– dabljues
Nov 19 '18 at 0:17
Personally I would use your original solution.ProtectedDatahas some undesirable nuances...
– Luke Joshua Park
Nov 19 '18 at 0:18
Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password
– dabljues
Nov 19 '18 at 0:49
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53366559%2fuse-sha512-to-hash-a-password-to-encrypt-data%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You've stumbled upon the idea of a Key Derivation Function (KDF). What you're suggesting is, with a few differences, an excellent idea and one used often. The small-ish issue is that SHA-512 alone is not a good KDF. I recommend you read about PBKDF2 (in .NET, the implementation is called Rfc2898DeriveBytes). Password hashes like bcrypt and argon2 are also very viable choices.
In regards to your question regarding the encryption algorithm, AES is currently considered the "standard" symmetric encryption algorithm. There are many other viable options however. Just ensure you aren't using DES or Triple-DES, they're dated algorithms. Also ensure you're using a secure block mode. GCM is arguably the "best".
answered Nov 18 '18 at 23:52
Luke Joshua ParkLuke Joshua Park
5,02651631
Thanks for the input. I actually had an enlightenment and I thought about usingProtectedData.Protect/Unprotectas its more convenient than typing a passphrase every time. What do you think?
– dabljues
Nov 19 '18 at 0:17
Personally I would use your original solution.ProtectedDatahas some undesirable nuances...
– Luke Joshua Park
Nov 19 '18 at 0:18
Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password
– dabljues
Nov 19 '18 at 0:49
add a comment |
You've stumbled upon the idea of a Key Derivation Function (KDF). What you're suggesting is, with a few differences, an excellent idea and one used often. The small-ish issue is that SHA-512 alone is not a good KDF. I recommend you read about PBKDF2 (in .NET, the implementation is called Rfc2898DeriveBytes). Password hashes like bcrypt and argon2 are also very viable choices.
In regards to your question regarding the encryption algorithm, AES is currently considered the "standard" symmetric encryption algorithm. There are many other viable options however. Just ensure you aren't using DES or Triple-DES, they're dated algorithms. Also ensure you're using a secure block mode. GCM is arguably the "best".
answered Nov 18 '18 at 23:52
Luke Joshua ParkLuke Joshua Park
5,02651631
Thanks for the input. I actually had an enlightenment and I thought about usingProtectedData.Protect/Unprotectas its more convenient than typing a passphrase every time. What do you think?
– dabljues
Nov 19 '18 at 0:17
Personally I would use your original solution.ProtectedDatahas some undesirable nuances...
– Luke Joshua Park
Nov 19 '18 at 0:18
Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password
– dabljues
Nov 19 '18 at 0:49
add a comment |
You've stumbled upon the idea of a Key Derivation Function (KDF). What you're suggesting is, with a few differences, an excellent idea and one used often. The small-ish issue is that SHA-512 alone is not a good KDF. I recommend you read about PBKDF2 (in .NET, the implementation is called Rfc2898DeriveBytes). Password hashes like bcrypt and argon2 are also very viable choices.
In regards to your question regarding the encryption algorithm, AES is currently considered the "standard" symmetric encryption algorithm. There are many other viable options however. Just ensure you aren't using DES or Triple-DES, they're dated algorithms. Also ensure you're using a secure block mode. GCM is arguably the "best".
answered Nov 18 '18 at 23:52
Luke Joshua ParkLuke Joshua Park
5,02651631
You've stumbled upon the idea of a Key Derivation Function (KDF). What you're suggesting is, with a few differences, an excellent idea and one used often. The small-ish issue is that SHA-512 alone is not a good KDF. I recommend you read about PBKDF2 (in .NET, the implementation is called Rfc2898DeriveBytes). Password hashes like bcrypt and argon2 are also very viable choices.
In regards to your question regarding the encryption algorithm, AES is currently considered the "standard" symmetric encryption algorithm. There are many other viable options however. Just ensure you aren't using DES or Triple-DES, they're dated algorithms. Also ensure you're using a secure block mode. GCM is arguably the "best".
answered Nov 18 '18 at 23:52
Luke Joshua ParkLuke Joshua Park
5,02651631
answered Nov 18 '18 at 23:52
Luke Joshua ParkLuke Joshua Park
5,02651631
answered Nov 18 '18 at 23:52
Luke Joshua ParkLuke Joshua Park
5,02651631
answered Nov 18 '18 at 23:52
Luke Joshua ParkLuke Joshua Park
5,02651631
5,02651631
Thanks for the input. I actually had an enlightenment and I thought about usingProtectedData.Protect/Unprotectas its more convenient than typing a passphrase every time. What do you think?
– dabljues
Nov 19 '18 at 0:17
Personally I would use your original solution.ProtectedDatahas some undesirable nuances...
– Luke Joshua Park
Nov 19 '18 at 0:18
Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password
– dabljues
Nov 19 '18 at 0:49
add a comment |
Thanks for the input. I actually had an enlightenment and I thought about usingProtectedData.Protect/Unprotectas its more convenient than typing a passphrase every time. What do you think?
– dabljues
Nov 19 '18 at 0:17
Personally I would use your original solution.ProtectedDatahas some undesirable nuances...
– Luke Joshua Park
Nov 19 '18 at 0:18
Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password
– dabljues
Nov 19 '18 at 0:49
Thanks for the input. I actually had an enlightenment and I thought about using
ProtectedData.Protect/Unprotect as its more convenient than typing a passphrase every time. What do you think?– dabljues
Nov 19 '18 at 0:17
Thanks for the input. I actually had an enlightenment and I thought about using
ProtectedData.Protect/Unprotect as its more convenient than typing a passphrase every time. What do you think?– dabljues
Nov 19 '18 at 0:17
Personally I would use your original solution.
ProtectedData has some undesirable nuances...– Luke Joshua Park
Nov 19 '18 at 0:18
Personally I would use your original solution.
ProtectedData has some undesirable nuances...– Luke Joshua Park
Nov 19 '18 at 0:18
Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password
– dabljues
Nov 19 '18 at 0:49
Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password
– dabljues
Nov 19 '18 at 0:49
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53366559%2fuse-sha512-to-hash-a-password-to-encrypt-data%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.
– None of the Above
Nov 18 '18 at 23:53
@Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored
– Camilo Terevinto
Nov 18 '18 at 23:54
Hashed password would be stored, not the real password
– dabljues
Nov 19 '18 at 0:16