
Add Salt for Encryption component

Posted: Thu 09 Aug 2012 22:51
by skydvrz
It is common to salt each encrypted record "password" or encryption key with a unique value. This prevents cryptanalysis of repeating encrypted values since identical plaintext strings will encrypt differently.

"AAAA" plaintext in one record will encrypt differently than "AAAA" in another, using the same password concatenated with the record's salt value. The salt value is stored in plaintext in each record.

The way you have implemented it now encrypts "AAAA" to "1234" (or whatever) every time.

Will you consider adding salt support in your encryption component in some future version?

Best regards,

Kevin G. McCoy

Re: Add Salt for Encryption component

Posted: Fri 10 Aug 2012 07:55
by AndreyZ
Hello,

Encryption does use salt (in the MyDAC documentation it is called a random initializing vector) for each encrypted record. The only situation in which salt is not used is when TMyEncryptor.DataHeader is set to ehNone. For more information, please read the "Data Encryption" article and the description of the TCREncDataHeader enumeration in the MyDAC documentation.
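The difference discussed in this thread, as an added example that is not MyDAC code and not part of either post: the same plaintext encrypted with and without a per-record random IV stored in front of the ciphertext, plus a check that flags a column whose ciphertexts repeat. It assumes an HMAC-SHA256 counter-mode keystream as a standard-library stand-in for a real cipher; every function name, the password and the sample rows are constructed for illustration.

```python
import hashlib
import hmac
import os
from collections import Counter

IV_LEN = 16  # bytes of per-record random IV, stored in plaintext before the ciphertext

def derive_key(password: str) -> bytes:
    # Constructed KDF salt and iteration count, for the demo only.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"demo-kdf-salt", 10_000)

def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    # Stand-in cipher: HMAC-SHA256 over (iv || counter). Unauthenticated, not for production.
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]

def encrypt_record(key: bytes, plaintext: bytes, use_iv: bool = True) -> bytes:
    # With use_iv=False there is no header and the output depends only on key and plaintext.
    iv = os.urandom(IV_LEN) if use_iv else b""
    stream = _keystream(key, iv, len(plaintext))
    return iv + bytes(p ^ s for p, s in zip(plaintext, stream))

def decrypt_record(key: bytes, record: bytes, has_iv: bool = True) -> bytes:
    iv, body = (record[:IV_LEN], record[IV_LEN:]) if has_iv else (b"", record)
    stream = _keystream(key, iv, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

def repeated_ciphertexts(column):
    # Audit check: ciphertext values that occur more than once in an encrypted column.
    # Any hit means equal plaintexts are visible to someone who cannot decrypt.
    return {ct: n for ct, n in Counter(column).items() if n > 1}

def demo():
    key = derive_key("example-password")   # constructed
    rows = [b"AAAA", b"BBBB", b"AAAA"]     # constructed sample column
    without_iv = [encrypt_record(key, r, use_iv=False) for r in rows]
    with_iv = [encrypt_record(key, r) for r in rows]
    return key, rows, without_iv, with_iv

if __name__ == "__main__":
    key, rows, without_iv, with_iv = demo()
    print("no IV  :", [c.hex() for c in without_iv], repeated_ciphertexts(without_iv))
    print("with IV:", [c.hex() for c in with_iv], repeated_ciphertexts(with_iv))
```

Running `repeated_ciphertexts` over an existing encrypted column is a quick way to spot records that were written without a per-record IV.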