Use SHA512 to hash a password to encrypt data












0















I have a C# application in which I sometimes have to encrypt some data (XML file). Basically, the problem is I cannot store any keys on a server, or directly in the code, as .NET apps can be easily disassembled with for example dotPeek.



So basically my app would encrypt XML file and save it on disk, and then would be able to decrypt it.



I came up with an idea to ask for a passphrase every time a user wants to encrypt/decrypt the data. This passphrase would be hashed with SHA512 and the resulting bytes would be used as a key to encrypt the data. Then if the user wants to decrypt the file, they are asked for a passphrase again and this passphrase is used to decrypt the file (it may fail if the user enters a wrong passphrase).



So my first question would be: Is it actually a good idea?



My second question is about the implementation. I have hashing, serialization, deserialization, but I don't know which encryption algorithm should I use (I guess not RSA as the data to be encrypted would be really long) and then can I pass the passphrase as a key to this algorithm?










share|improve this question

























  • You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.

    – None of the Above
    Nov 18 '18 at 23:53











  • @Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored

    – Camilo Terevinto
    Nov 18 '18 at 23:54











  • Hashed password would be stored, not the real password

    – dabljues
    Nov 19 '18 at 0:16
















0















I have a C# application in which I sometimes have to encrypt some data (XML file). Basically, the problem is I cannot store any keys on a server, or directly in the code, as .NET apps can be easily disassembled with for example dotPeek.



So basically my app would encrypt XML file and save it on disk, and then would be able to decrypt it.



I came up with an idea to ask for a passphrase every time a user wants to encrypt/decrypt the data. This passphrase would be hashed with SHA512 and the resulting bytes would be used as a key to encrypt the data. Then if the user wants to decrypt the file, they are asked for a passphrase again and this passphrase is used to decrypt the file (it may fail if the user enters a wrong passphrase).



So my first question would be: Is it actually a good idea?



My second question is about the implementation. I have hashing, serialization, deserialization, but I don't know which encryption algorithm should I use (I guess not RSA as the data to be encrypted would be really long) and then can I pass the passphrase as a key to this algorithm?










share|improve this question

























  • You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.

    – None of the Above
    Nov 18 '18 at 23:53











  • @Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored

    – Camilo Terevinto
    Nov 18 '18 at 23:54











  • Hashed password would be stored, not the real password

    – dabljues
    Nov 19 '18 at 0:16














0












0








0








I have a C# application in which I sometimes have to encrypt some data (XML file). Basically, the problem is I cannot store any keys on a server, or directly in the code, as .NET apps can be easily disassembled with for example dotPeek.



So basically my app would encrypt XML file and save it on disk, and then would be able to decrypt it.



I came up with an idea to ask for a passphrase every time a user wants to encrypt/decrypt the data. This passphrase would be hashed with SHA512 and the resulting bytes would be used as a key to encrypt the data. Then if the user wants to decrypt the file, they are asked for a passphrase again and this passphrase is used to decrypt the file (it may fail if the user enters a wrong passphrase).



So my first question would be: Is it actually a good idea?



My second question is about the implementation. I have hashing, serialization, deserialization, but I don't know which encryption algorithm should I use (I guess not RSA as the data to be encrypted would be really long) and then can I pass the passphrase as a key to this algorithm?










share|improve this question
















I have a C# application in which I sometimes have to encrypt some data (XML file). Basically, the problem is I cannot store any keys on a server, or directly in the code, as .NET apps can be easily disassembled with for example dotPeek.



So basically my app would encrypt XML file and save it on disk, and then would be able to decrypt it.



I came up with an idea to ask for a passphrase every time a user wants to encrypt/decrypt the data. This passphrase would be hashed with SHA512 and the resulting bytes would be used as a key to encrypt the data. Then if the user wants to decrypt the file, they are asked for a passphrase again and this passphrase is used to decrypt the file (it may fail if the user enters a wrong passphrase).



So my first question would be: Is it actually a good idea?



My second question is about the implementation. I have hashing, serialization, deserialization, but I don't know which encryption algorithm should I use (I guess not RSA as the data to be encrypted would be really long) and then can I pass the passphrase as a key to this algorithm?







c# encryption






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 18 '18 at 23:43









Camilo Terevinto

18.3k63566




18.3k63566










asked Nov 18 '18 at 23:40









dabljuesdabljues

1577




1577













  • You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.

    – None of the Above
    Nov 18 '18 at 23:53











  • @Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored

    – Camilo Terevinto
    Nov 18 '18 at 23:54











  • Hashed password would be stored, not the real password

    – dabljues
    Nov 19 '18 at 0:16



















  • You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.

    – None of the Above
    Nov 18 '18 at 23:53











  • @Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored

    – Camilo Terevinto
    Nov 18 '18 at 23:54











  • Hashed password would be stored, not the real password

    – dabljues
    Nov 19 '18 at 0:16

















You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.

– None of the Above
Nov 18 '18 at 23:53





You do know you just moved where the secret is to the left an inch. Someone can just look at your app to see what the name of the file is and what the password and/or encryption method is. As is, this is very broad for SO.

– None of the Above
Nov 18 '18 at 23:53













@Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored

– Camilo Terevinto
Nov 18 '18 at 23:54





@Disaffected1070452 How would that be? The password would only be used to en/decrypt, the OP never said it would be stored

– Camilo Terevinto
Nov 18 '18 at 23:54













Hashed password would be stored, not the real password

– dabljues
Nov 19 '18 at 0:16





Hashed password would be stored, not the real password

– dabljues
Nov 19 '18 at 0:16












1 Answer
1






active

oldest

votes


















2














You've stumbled upon the idea of a Key Derivation Function (KDF). What you're suggesting is, with a few differences, an excellent idea and one used often. The small-ish issue is that SHA-512 alone is not a good KDF. I recommend you read about PBKDF2 (in .NET, the implementation is called Rfc2898DeriveBytes). Password hashes like bcrypt and argon2 are also very viable choices.



In regards to your question regarding the encryption algorithm, AES is currently considered the "standard" symmetric encryption algorithm. There are many other viable options however. Just ensure you aren't using DES or Triple-DES, they're dated algorithms. Also ensure you're using a secure block mode. GCM is arguably the "best".






share|improve this answer
























  • Thanks for the input. I actually had an enlightenment and I thought about using ProtectedData.Protect/Unprotect as its more convenient than typing a passphrase every time. What do you think?

    – dabljues
    Nov 19 '18 at 0:17











  • Personally I would use your original solution. ProtectedData has some undesirable nuances...

    – Luke Joshua Park
    Nov 19 '18 at 0:18











  • Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password

    – dabljues
    Nov 19 '18 at 0:49











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53366559%2fuse-sha512-to-hash-a-password-to-encrypt-data%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









2














You've stumbled upon the idea of a Key Derivation Function (KDF). What you're suggesting is, with a few differences, an excellent idea and one used often. The small-ish issue is that SHA-512 alone is not a good KDF. I recommend you read about PBKDF2 (in .NET, the implementation is called Rfc2898DeriveBytes). Password hashes like bcrypt and argon2 are also very viable choices.



In regards to your question regarding the encryption algorithm, AES is currently considered the "standard" symmetric encryption algorithm. There are many other viable options however. Just ensure you aren't using DES or Triple-DES, they're dated algorithms. Also ensure you're using a secure block mode. GCM is arguably the "best".






share|improve this answer
























  • Thanks for the input. I actually had an enlightenment and I thought about using ProtectedData.Protect/Unprotect as its more convenient than typing a passphrase every time. What do you think?

    – dabljues
    Nov 19 '18 at 0:17











  • Personally I would use your original solution. ProtectedData has some undesirable nuances...

    – Luke Joshua Park
    Nov 19 '18 at 0:18











  • Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password

    – dabljues
    Nov 19 '18 at 0:49
















2














You've stumbled upon the idea of a Key Derivation Function (KDF). What you're suggesting is, with a few differences, an excellent idea and one used often. The small-ish issue is that SHA-512 alone is not a good KDF. I recommend you read about PBKDF2 (in .NET, the implementation is called Rfc2898DeriveBytes). Password hashes like bcrypt and argon2 are also very viable choices.



In regards to your question regarding the encryption algorithm, AES is currently considered the "standard" symmetric encryption algorithm. There are many other viable options however. Just ensure you aren't using DES or Triple-DES, they're dated algorithms. Also ensure you're using a secure block mode. GCM is arguably the "best".






share|improve this answer
























  • Thanks for the input. I actually had an enlightenment and I thought about using ProtectedData.Protect/Unprotect as its more convenient than typing a passphrase every time. What do you think?

    – dabljues
    Nov 19 '18 at 0:17











  • Personally I would use your original solution. ProtectedData has some undesirable nuances...

    – Luke Joshua Park
    Nov 19 '18 at 0:18











  • Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password

    – dabljues
    Nov 19 '18 at 0:49














2












2








2







You've stumbled upon the idea of a Key Derivation Function (KDF). What you're suggesting is, with a few differences, an excellent idea and one used often. The small-ish issue is that SHA-512 alone is not a good KDF. I recommend you read about PBKDF2 (in .NET, the implementation is called Rfc2898DeriveBytes). Password hashes like bcrypt and argon2 are also very viable choices.



In regards to your question regarding the encryption algorithm, AES is currently considered the "standard" symmetric encryption algorithm. There are many other viable options however. Just ensure you aren't using DES or Triple-DES, they're dated algorithms. Also ensure you're using a secure block mode. GCM is arguably the "best".






share|improve this answer













You've stumbled upon the idea of a Key Derivation Function (KDF). What you're suggesting is, with a few differences, an excellent idea and one used often. The small-ish issue is that SHA-512 alone is not a good KDF. I recommend you read about PBKDF2 (in .NET, the implementation is called Rfc2898DeriveBytes). Password hashes like bcrypt and argon2 are also very viable choices.



In regards to your question regarding the encryption algorithm, AES is currently considered the "standard" symmetric encryption algorithm. There are many other viable options however. Just ensure you aren't using DES or Triple-DES, they're dated algorithms. Also ensure you're using a secure block mode. GCM is arguably the "best".







share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 18 '18 at 23:52









Luke Joshua ParkLuke Joshua Park

5,02651631




5,02651631













  • Thanks for the input. I actually had an enlightenment and I thought about using ProtectedData.Protect/Unprotect as its more convenient than typing a passphrase every time. What do you think?

    – dabljues
    Nov 19 '18 at 0:17











  • Personally I would use your original solution. ProtectedData has some undesirable nuances...

    – Luke Joshua Park
    Nov 19 '18 at 0:18











  • Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password

    – dabljues
    Nov 19 '18 at 0:49



















  • Thanks for the input. I actually had an enlightenment and I thought about using ProtectedData.Protect/Unprotect as its more convenient than typing a passphrase every time. What do you think?

    – dabljues
    Nov 19 '18 at 0:17











  • Personally I would use your original solution. ProtectedData has some undesirable nuances...

    – Luke Joshua Park
    Nov 19 '18 at 0:18











  • Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password

    – dabljues
    Nov 19 '18 at 0:49

















Thanks for the input. I actually had an enlightenment and I thought about using ProtectedData.Protect/Unprotect as its more convenient than typing a passphrase every time. What do you think?

– dabljues
Nov 19 '18 at 0:17





Thanks for the input. I actually had an enlightenment and I thought about using ProtectedData.Protect/Unprotect as its more convenient than typing a passphrase every time. What do you think?

– dabljues
Nov 19 '18 at 0:17













Personally I would use your original solution. ProtectedData has some undesirable nuances...

– Luke Joshua Park
Nov 19 '18 at 0:18





Personally I would use your original solution. ProtectedData has some undesirable nuances...

– Luke Joshua Park
Nov 19 '18 at 0:18













Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password

– dabljues
Nov 19 '18 at 0:49





Do you have some resources about those nuances? Cuz this is a project for my university professor and he is keen on not typing the password

– dabljues
Nov 19 '18 at 0:49


















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53366559%2fuse-sha512-to-hash-a-password-to-encrypt-data%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Guess what letter conforming each word

Port of Spain

Run scheduled task as local user group (not BUILTIN)