weekendfert.blogg.se - Base64 encoding without padding encryption

Base64 encoding without padding encryption full#
Base64 encoding without padding encryption password#

If what your library does is only known as "it does some encryption" then there is no way to give any significant answer to your question. The library is responsible for implementing the algorithm correctly, but the security comes from the underlying algorithm and how it is used (assembly of cryptographic algorithms is often called a protocol). In any case, the most important thing is not the library but the algorithm. In the second case, this is worse: custom, homemade algorithms are invariably weak. In the first case, the library has a sloppy API it should not be artificially limited to character strings.

or it uses some custom algorithm based on characters.

either it internally converts character strings back to bytes.

Since all decent cryptographic algorithms are defined to operate on sequences of bits or bytes, there are only two possibilities for your "encryption library": It can even be used as some kind of compatibility layer between implementations of PBKDF2. Usually it is compatible with ASCII though, so base 64 is likely to work. The API should therefore also specify the character encoding.

Base64 encoding without padding encryption password#

If that is directly fed into PBKDF2 or if it is first encoded as base64 makes no difference.įunny enough for a password based function PBKDF2 is also defined to operate on bytes. If the key is not a key but a password fed into PBKDF2 then you just need to provide it enough entropy. There seems to be precious little information available for Synercoding.Encryption - that's not a good sign. You would expect that conversion from base64 or hexadecimals is well documented for the library. Obviously in such a case base64 does not make a difference. If the encryption library itself decodes the base64 then your key is first converted 1:1 to base64 and then back to the original key again. In that case you should not claim 256 bit security, as the amount of possible keys in your scheme is still 2^192. So if you have a 192 bit AES key it will be converted to an AES 256 bit key. In that case the only problem is that base64 will contain 3/4th of the entropy of a fully random key. So as long as your base 64 encoded key has a valid key size it may be accepted.

This means that the bytes that make up the key can have any value.

Base64 encoding without padding encryption full#

On the other hand most encryption libraries use the full range of the key space.

std:string does not have to contain character strings, it can contain byte strings (a.k.a. If your library accepts character strings then they will be converted to bytes within. All modern ciphers are defined to operate on bytes (some are defined to operate on bits, but most libraries will assume a byte is the minimum unit of data). There is no way that a modern encryption library operates on characters.