16

Say I have some data and a password, and I want to encrypt the data in such a way that it can only be recovered with the right password.

How does this technically work (i.e. how to implement this)? I often hear people use bitshifting for encryption, but how do you base that on a password? How does password-based encryption work?

An example is Mac OS X FileVault

Thanks.

If you give sample code, preferably in C, Objective-C or pseudocode.

  • 6
    A proper and complete answer is about 2 years of graduate classes in comp sci and math. Many PhDs have been written on encryption... – Paul Nathan Nov 02 '10 at 20:02
  • 7
    The one thing you probably *don't* want to do is roll-your-own crypto library, at least if you actually care about the security of the encrypted data. Getting crypto right is **hard**. – David Gelhar Nov 02 '10 at 20:11
  • Look around BlowFish : http://en.wikipedia.org/wiki/Blowfish_%28cipher%29 – ykatchou Nov 02 '10 at 19:43

6 Answers6

20

For (symmetric) encryption you need a secret key for encryption and decryption.

Usually, the password you supply is used as the source of this key. For various security reasons, the password is not (and often cannot, due to requirements of the cipher used) directly used as the key. Instead, a key derivation function is used to generate the key from the password.

This is why passwords for encryption must be long and fairly random: Otherwise the resulting key will only come from a very small subset of possible keys, and these can then simply all be tried, thus brute-forcing the encryption.

As to code examples, there are several possibilities:

  • look at the source code of a crypto library, such as OpenSSL
  • look at the source code of a program that implements encryption, such as GnuPG
  • google some sample source code for a simple encryption algorithm, or a key derivation function, and try to understand it

This depends on what you want to learn.

sleske
  • 81,358
  • 34
  • 189
  • 227
  • Did you mean, "Usually, the password you supply is **not** used as this key." ? The first and second sentences of that paragraph seem to be contradictory. – Thanatos Nov 02 '10 at 19:55
  • 1
    @Thanatos: Oops, that was not what I meant. Thanks for pointing it out; fixed. – sleske Nov 02 '10 at 20:18
  • I appreciated your answer, which introduced me to the idea of a key derivation function. I'm still confused though about why this seems so complicated and wonder if you have suggestions: https://stackoverflow.com/q/51791514/470749 Thanks! – Ryan Aug 10 '18 at 17:55
6

You'll need to look to other resources for a deep explanation, as this question is extremely broad.

Speaking generally: you use a password as a "seed" for an encryption key, as sleske pointed out. Then you use this key to apply a two-way encryption algorithm (i.e. one that can be applied once to encrypt and again to decrypt). When you apply the algorithm to a piece of data, it becomes encrypted in such a way that you could never get the data back out again without using the same key, and you can't practically produce the same key without having the same password as a seed.

StriplingWarrior
  • 151,543
  • 27
  • 246
  • 315
2

If you're interested in crypto, read Applied Cryptography by Bruce Schneier. Excellent read, lots of examples. It goes through many different cryptography types.

kmarks2
  • 4,755
  • 10
  • 48
  • 77
0

An easy way, but not exactly secure, is to rotate each byte by a number determined by the password. You can use a hash code from a string, or count the number of characters, or whatever for the number.

What you are probably thinking of, though, is public key encryption. Here is a link to a document that will tell you the math for it - you'll have to work out the implementation details yourself, but it's not that hard once you understand the math. http://mathaware.org/mam/06/Kaliski.pdf

Michael K
  • 3,297
  • 3
  • 25
  • 37
0

The basic building block of most block ciphers is a construction called a Feistel Network. It's reasonably easy to understand.

Stream ciphers are even simpler - they're essentially just pseudo-random number generators, albeit with some important security properties, where the initial internal state is derived from the key.

caf
  • 233,326
  • 40
  • 323
  • 462
0

Password based encryption IS symmetric. The input usually consists of a salt in addition to the password. FooBabel has a cool app where you can play around with this... currently they hard code the Salt to an array of eight bytes (zero to seven) for simplicity. I put in a request to see that they let users input the salt. Anyway, here it is - PBECrypto

Bobby Whitman
  • 41
  • 1