But when they do implement them, they usually stumble when they have to choose a key.
They usually pick some word (like a name) or phrase, which is probably in a dictionary.
This is especially dangerous if the cipher text is being sent back and forth to the browser, or if, for example, you are trusting HMAC-signed requests and parameters.
Someone might brute-force the key using a dictionary and be able to decipher the data or craft new data; the same goes for HMAC, where he could create valid requests and do harm.
I know that the best approach is to rotate the generated keys, for example every day, and to generate them with a secure random algorithm.
But not everyone needs that level of security, so if you need to quickly create a random key without using web sites that do it for you, these are some commands you can use on Linux or OS X:
If you are using AES-128 you need a 128-bit key, that is, a 16-byte key.
$ head -c16 /dev/random | base64
Change -c16 to the number of bytes you need.
Since /dev/random generates binary data, it's best to transform it into a hex or base64 string.
In the code you should decode the string back to binary data before using it.
For HMAC, the size depends on which hash algorithm you want to use. Even though MD5 and SHA-1 are no longer considered secure, their use within HMAC has not been proven insecure.
But if you can choose, choose the SHA-2 family.
The rule of thumb is to generate a key at least the size of the hash output.
For SHA-1 it's 160 bits or 20 bytes:
$ head -c20 /dev/random | base64
For SHA-256, as its name tells, it's 256 bits or 32 bytes:
$ head -c32 /dev/random | base64
I don't believe it's necessary to base64-decode these keys when they are used with HMAC.
If you want hex-encoded output, use xxd as shown below.
$ xxd -l 32 -p -c80 /dev/random
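Wrapping the commands above into a small script, as an added example that is not part of the original post: it picks the key size from the algorithm name (the names and function names are my own), reads from /dev/urandom so it never blocks, and checks that the encoded key decodes back to the expected number of bytes before printing it.

```shell
#!/bin/sh
# Added example, not from the original post. Key sizes follow the post:
# AES needs its block-cipher key size, HMAC at least the hash output size.
keybytes_for() {
  case "$1" in
    aes-128)     echo 16 ;;
    aes-256)     echo 32 ;;
    hmac-sha1)   echo 20 ;;
    hmac-sha256) echo 32 ;;
    hmac-sha512) echo 64 ;;
    *) echo "unknown algorithm: $1" >&2; return 1 ;;
  esac
}

# Read $1 bytes from /dev/urandom (non-blocking) and encode them as
# $2 = "base64" (default) or "hex". Newlines from base64 wrapping are removed.
gen_key() {
  n="$1"; fmt="${2:-base64}"
  case "$fmt" in
    base64) head -c "$n" /dev/urandom | base64 | tr -d '\n' ;;
    hex)    head -c "$n" /dev/urandom | od -An -tx1 | tr -d ' \n' ;;
    *) echo "unknown format: $fmt" >&2; return 1 ;;
  esac
}

# Decode an encoded key and report its raw byte length, so a truncated or
# mistyped key is caught instead of silently weakening the cipher or MAC.
key_len_bytes() {
  case "$2" in
    base64) printf '%s' "$1" | base64 -d | wc -c | tr -d ' ' ;;
    hex)    printf '%s' "$1" | wc -c | awk '{print $1/2}' ;;
  esac
}

# Generate a key for an algorithm and refuse to emit it if the round trip
# does not give back exactly the expected number of bytes.
make_key() {
  want=$(keybytes_for "$1") || return 1
  key=$(gen_key "$want" "$2")
  got=$(key_len_bytes "$key" "$2")
  [ "$got" -eq "$want" ] || { echo "key length check failed" >&2; return 1; }
  printf '%s\n' "$key"
}
```

Run it as `make_key hmac-sha256 base64` or `make_key aes-128 hex`; the script rejects unknown algorithm names rather than guessing a size.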
Just for your information, /dev/random is a device backed by a cryptographically secure random number generator (CSPRNG) which is "continuously fed" with entropy. Use of /dev/urandom is also recommended, but it is not available on all platforms (e.g. OS X).
When you start your computer a pool of entropy starts to fill. Since entropy is hard to get, the pool fills slowly, so if you keep reading random numbers from that pool you might deplete it and will have to wait for new entropy. If this is your case, because for example you scripted something that constantly reads from /dev/random, you can use the device /dev/urandom, which is non-blocking. Whenever the pool is depleted it keeps working as a pseudo-random number generator, and when new entropy arrives it uses it.
You can read more about the difference between these 2 devices here.