Base64 is a group of similar binary-to-text encoding schemes that represent binary data in an ASCII string format by translating it into a radix-64 representation. The term Base64 originates from a specific MIME content transfer encoding. Base64 encoding schemes are commonly used when there is a need to encode binary data that needs to be stored and transferred over media that are designed to deal with ASCII. This is to ensure that the data remain intact without modification during transport. Base64 is commonly used in a number of applications including email via MIME, and storing complex data in XML. One common application of Base64 encoding on the web is to encode binary data so it can be included in a data: URL.

There is no way that a modern encryption library operates on characters. All modern ciphers are defined to operate on bytes (some are defined to operate on bits, but most libraries will assume a byte is the minimum unit of data). If your library accepts character strings then they will be converted to bytes within. std:string does not have to contain character strings, it can contain byte strings (a.k.a.

On the other hand most encryption libraries use the full range of the key space. This means that the bytes that make up the key can have any value. So as long as your base 64 encoded key has a valid key size it may be accepted. In that case the only problem is that base64 will contain 3/4th of the entropy of a fully random key. So if you have a 192 bit AES key it will be converted to an AES 256 bit key. In that case you should not claim 256 bit security, as the amount of possible keys in your scheme is still 2^192.

If the encryption library itself decodes the base64 then your key is first converted 1:1 to base64 and then back to the original key again. Obviously in such a case base64 does not make a difference. You would expect that conversion from base64 or hexadecimals is well documented for the library. There seems to be precious little information available for Synercoding.Encryption - that's not a good sign.

If the key is not a key but a password fed into PBKDF2 then you just need to provide it enough entropy. If that is directly fed into PBKDF2 or if it is first encoded as base64 makes no difference. Funny enough for a password based function PBKDF2 is also defined to operate on bytes. The API should therefore also specify the character encoding. Usually it is compatible with ASCII though, so base 64 is likely to work. It can even be used as some kind of compatibility layer between implementations of PBKDF2.

Since all decent cryptographic algorithms are defined to operate on sequences of bits or bytes, there are only two possibilities for your "encryption library": either it internally converts character strings back to bytes, or it uses some custom algorithm based on characters. In the first case, the library has a sloppy API; it should not be artificially limited to character strings. In the second case, this is worse: custom, homemade algorithms are invariably weak.

In any case, the most important thing is not the library but the algorithm. The library is responsible for implementing the algorithm correctly, but the security comes from the underlying algorithm and how it is used (assembly of cryptographic algorithms is often called a protocol). If what your library does is only known as "it does some encryption" then there is no way to give any significant answer to your question. If your library does not specify what protocol it implements, as a well-defined and studied standard, then the only sane action you may perform is to get rid of that library, and go find a better one.