Page 1 of 1

Variable encryption method

Posted: Fri Jun 20, 2008 10:27 am
by VirtuosiMedia
Just an idea to throw out there, but what do you think about allowing an admin to choose their method of encryption and their salt during the install for a web-based distributable app? For instance, allow them to choose between SHA256, SHA512, etc. Their choice would then be applied in every instance where encryption is needed in the application. Outdated or cracked algorithms wouldn't be included as choices. The idea is that for multiple installs of the same program across the web, you don't know what encryption method is being used. As a practical matter, would this add any more security?

Re: Variable encryption method

Posted: Fri Jun 20, 2008 1:12 pm
by LBmtb
I would say so, yes. It is a bit on the paranoid side . . . but then again isn't that what being secure is all about?

Re: Variable encryption method

Posted: Fri Jun 20, 2008 2:50 pm
by VirtuosiMedia
LBmtb wrote:I would say so, yes. It is a bit on the paranoid side . . . but then again isn't that what being secure is all about?
Just because I'm paranoid doesn't mean someone isn't out to get me. :wink:

Re: Variable encryption method

Posted: Mon Jun 23, 2008 10:18 am
by Mordred
(Hashing, not encryption)
Yes and no.
You can't (easily; without some worries with the users) change the hashing scheme at runtime. Besides, it is pointless (see below)
You should not let the admin choose his own salt. He'll choose "salt". Instead, generate one with a strong random. Keep it in a config file. Combine it with a per-user salt.
Details: viewtopic.php?t=62782

The secrecy of the hashing scheme will not come from the secrecy of what particular scheme was chosen, but from its parameters - like the salts and how they are applied.
If the attacker has access to your hashes, he will surely know which function was used from the size of the hash. Let him know, it's generally of little help to him, if you have good salts.

Re: Variable encryption method

Posted: Mon Jun 23, 2008 1:42 pm
by VirtuosiMedia
Mordred wrote:(Hashing, not encryption)
The secrecy of the hashing scheme will not come from the secrecy of what particular scheme was chosen, but from its parameters - like the salts and how they are applied. If the attacker has access to your hashes, he will surely know which function was used from the size of the hash. Let him know, it's generally of little help to him, if you have good salts.
Those are good points. Thanks.