- Jun 6, 2020
This example is based on agraham's encryption library:
1. Generate a 32 byte pw (just call the sub) and store it
2. Encrypt the data by calling AES_Encrypt. Return is a byte array or a base64 encoded string
3. Salt is a random value which is added at the beginning of the encrypted string. It is a good practice to add some random bytes to a message. A hacker doesn't know how long this "salt" is. Could be 16 or 16K of bytes.
4. IV is public and random, too, and is used to scramble the order of the blocks (AES is a block cipher method). With this method you always get different byte orders with the same message (which is good, as in encryption one does not want repetitive data sequences, as it is seen as problematic). Like the Enigma device which was hacked in WW2 because almost all messages started with a standard weather report using the same sentences/words.
5. Use RSA to exchange the key/pw (so you can exchange it like SSL does).
B4X:
Public Sub...
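Steps 1 to 4 above, sketched as an added example with Go's standard library; it is not the post's B4X code and does not use agraham's library. The CBC mode with PKCS#7 padding, the 16-byte salt and the `IV || ciphertext` layout are assumptions, and the RSA key exchange of step 5 is not covered.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

const saltLen = 16 // assumed; the post leaves the salt length open

// Encrypt returns IV || AES-CBC(salt || msg || PKCS#7 padding), steps 2-4.
func Encrypt(key, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	buf := make([]byte, aes.BlockSize+saltLen) // fresh random IV, then salt
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	buf = append(buf, msg...)
	pad := aes.BlockSize - len(buf)%aes.BlockSize
	buf = append(buf, bytes.Repeat([]byte{byte(pad)}, pad)...)
	cipher.NewCBCEncrypter(block, buf[:aes.BlockSize]).CryptBlocks(buf[aes.BlockSize:], buf[aes.BlockSize:])
	return buf, nil
}

// Decrypt reverses Encrypt and drops the salt.
func Decrypt(key, ct []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(ct) <= aes.BlockSize+saltLen || len(ct)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("bad key or malformed ciphertext")
	}
	pt := make([]byte, len(ct)-aes.BlockSize)
	cipher.NewCBCDecrypter(block, ct[:aes.BlockSize]).CryptBlocks(pt, ct[aes.BlockSize:])
	pad := int(pt[len(pt)-1])
	if pad < 1 || pad > aes.BlockSize || !bytes.HasSuffix(pt, bytes.Repeat([]byte{byte(pad)}, pad)) {
		return nil, fmt.Errorf("bad padding")
	}
	return pt[saltLen : len(pt)-pad], nil
}

func main() {
	key := make([]byte, 32)
	_, kerr := rand.Read(key) // step 1: 32 random key bytes
	ct, err := Encrypt(key, []byte("weather report")) // constructed sample message
	fmt.Printf("%x key err=%v enc err=%v\n", ct, kerr, err)
}
```

Encrypting the same message twice with the same key gives different output each time, because the IV and the salt are drawn fresh on every call.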