0

I am wondering how secure it is to encrypt and decrypt strings using OpenSSL using Salts and an Initialisation Vector. If the salt and initialisation vector are both going to be stored in a database along with the encrypted string, can't a possible attacker just take the encrypted string, salt and IV and decrypt the string? If this is possible how would it be made more secure so this isn't possible? The primary use case for this is to be able to encrypt & decrypt user data to display to the user.

2 Answers2

1

I think you are mixing several things together here:

  • OpenSSL is a library which has implementations for a variety of cryptographic algorithms, both for strong and for weak algorithms. Thus, the security first depends on which algorithm you use.
  • You are trying to use symmetric encryption where the same key is needed for encryption and decryption. Of course, this key must be protected against an adversary. But how this is done is not part of the encryption algorithm and not part of OpenSSL either.
  • For encryption you need a key, not a salt. Salt instead is used in the context of password hashing. Also the IV is not needed to decrypt the encrypted text so no need to store it explicitly.

Of course storing the decryption key together with the encrypted data makes no sense because if an attacker gets access to both it can simply decrypt the data.
But, how this secret key should be protected fully depends on your unknown use case, on the value of the data and on the assumed capabilities of the adversary.

Steffen Ullrich
  • 190,458
  • 29
  • 381
  • 434
  • I believe the algorithm I am using is aes-256-cbc. Could you please define an adversary? – Oliver Leach Aug 02 '17 at 20:00
  • @OliverLeach: The adversary depends on the unknown use case, how valuable the data are etc. Thus, it is up to you to define the adversary and its capabilities because you should know use case and value. – Steffen Ullrich Aug 02 '17 at 20:02
  • sorry I am new to encryption hence lots of questions. The primary use case for this is to be able to encrypt & decrypt user data to show on a website so data is going to be valuable. – Oliver Leach Aug 02 '17 at 20:07
  • @OliverLeach: in this case you should probably read [Where to store a key for encryption?](https://security.stackexchange.com/questions/12332/where-to-store-a-key-for-encryption). – Steffen Ullrich Aug 02 '17 at 20:09
  • should there be different encryption keys for different users or should they all have the same key? Also, how secure is it to store the key in the code? – Oliver Leach Aug 02 '17 at 20:14
  • @OliverLeach: it depends on your exact use case - and your current short version of this is simply too broad. As for storing the key see the question I've referenced. And, any question of "how secure" depends also on the exact use case, value of data and capabilities of the adversary - all of this is unknown. Essentially there is no "how secure", there is only "secure enough" for a specific use case with a proper risk assesement. – Steffen Ullrich Aug 02 '17 at 20:17
  • 1
    @OliverLeach, to add to what Steffen is asking, you've defined a use case as "encrypt strings", but it doesn't appear that you've analyzed "why" you are encrypting. Who is likely to attack your system? What are their capabilities? What is the value of your data that provides them with motivation? And then, you need to know what is going to happen with your data. Will it be stored long-term? Who will decrypt it? Where? How will you authenticate who has access to the keys? Encryption is only one layer of protection; all these answers can help guide your encryption requirements. – John Deters Aug 02 '17 at 21:13
0

Salts are for hashing passwords, not for encryption. To encrypt or decrypt using most encryption modes you need the Key and the IV.

I think you should provide more information on what you're trying to accomplish, if you're trying to store passwords I'd read through this answer.

AndrolGenhald
  • 15,506
  • 5
  • 45
  • 50