How to check password before decrypting data

By : driis
Source: Stackoverflow.com
Question!

I am creating a program that needs to store the user's data in encrypted form. The user enters a password before encryption and is required to supply the password again to retrieve the data. Decryption takes a while if there is a lot of data.

Now, I want to check that the user has entered the correct password before doing the decryption. This check needs to be fast, and the decryption process is not.

How can I check the password before actually completing the decryption process? I thought about storing a hash of the password as the first few bytes of an encrypted file - this would be easy and fast enough - but I am not sure whether it compromises security?

I am using .NET and the built-in cryptography classes.

By : driis


Answers

Well, a cryptographic hash shouldn't compromise security as long as it is salted and has reasonable complexity; personally, though, I'd probably try to set it up so that data corruption (due to incorrect password) is obvious early on...

Any possibility of injecting checksums in the data at regular intervals? Or if the stream represents records, can you read it with an iterator (IEnumerable<T> etc) so that it reads lazily and breaks early?

(edit) Also - forcing it to decrypt a non-trivial chunk of data (but not the entire stream) before it can tell if the password was right should be enough to make it hard to brute-force. If it only has to work with the first 128 bytes (or whatever) that might be fast enough to make it worthwhile trying (dictionary etc). But for regular usage (one try, password either right or wrong) it should have no performance impact.
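The following is an added example, not code from the question or the answer above, showing one way to do the fast check with the .NET built-in classes without weakening the scheme. Instead of storing a hash of the password itself, one slow PBKDF2 run over the password and a random salt yields two keys: an AES-GCM key for the data and a separate "check" key that is only used to HMAC a fixed label. The stored HMAC tag is compared in constant time before any bulk decryption. A guess against the check tag costs the attacker exactly the same PBKDF2 work as a guess against the ciphertext, so the early check adds no brute-force advantage; AES-GCM also authenticates the data, so tampering or corruption is still detected. The container layout, the label string, the iteration count and the sample payload are assumptions of this example; it targets .NET 8 or later.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example (not from the original Q&A): password-protected container with a
// salted, KDF-bound key-check tag so a wrong password is rejected after one PBKDF2
// run, before the (slow) bulk decryption starts. Assumes .NET 8+.
public static class PasswordContainer
{
    private const int SaltSize = 16;
    private const int KeySize = 32;              // AES-256 key
    private const int NonceSize = 12;            // AES-GCM nonce
    private const int TagSize = 16;              // AES-GCM authentication tag
    private const int CheckSize = 32;            // HMAC-SHA256 output
    private const int Iterations = 600_000;      // PBKDF2 work factor (assumed value; tune to your hardware)
    private static readonly byte[] CheckLabel = Encoding.ASCII.GetBytes("password-check-v1"); // assumed label

    // Container layout: salt | check tag | nonce | GCM tag | ciphertext
    private const int HeaderSize = SaltSize + CheckSize + NonceSize + TagSize;

    // One slow PBKDF2 call yields two independent keys: one for AES-GCM, one for the check tag.
    private static (byte[] EncKey, byte[] CheckKey) DeriveKeys(string password, byte[] salt)
    {
        byte[] material = Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, 2 * KeySize);
        return (material[..KeySize], material[KeySize..]);
    }

    public static byte[] Encrypt(string password, byte[] plaintext)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltSize);
        byte[] nonce = RandomNumberGenerator.GetBytes(NonceSize);
        var (encKey, checkKey) = DeriveKeys(password, salt);

        // The check tag depends on the password only through the slow KDF, never on the plaintext.
        byte[] checkTag = HMACSHA256.HashData(checkKey, CheckLabel);

        byte[] ciphertext = new byte[plaintext.Length];
        byte[] gcmTag = new byte[TagSize];
        using (var aes = new AesGcm(encKey, TagSize))
            aes.Encrypt(nonce, plaintext, ciphertext, gcmTag, associatedData: salt); // salt bound as AAD

        byte[] blob = new byte[HeaderSize + ciphertext.Length];
        salt.CopyTo(blob, 0);
        checkTag.CopyTo(blob, SaltSize);
        nonce.CopyTo(blob, SaltSize + CheckSize);
        gcmTag.CopyTo(blob, SaltSize + CheckSize + NonceSize);
        ciphertext.CopyTo(blob, HeaderSize);
        return blob;
    }

    // Derives keys once, checks the tag in constant time, and hands back the
    // encryption key only when the password was right.
    private static bool CheckAndDerive(string password, byte[] blob, out byte[] encKey)
    {
        encKey = Array.Empty<byte>();
        if (blob.Length < HeaderSize) return false;
        byte[] salt = blob[..SaltSize];
        byte[] storedTag = blob[SaltSize..(SaltSize + CheckSize)];
        var (candidateKey, checkKey) = DeriveKeys(password, salt);
        byte[] computedTag = HMACSHA256.HashData(checkKey, CheckLabel);
        if (!CryptographicOperations.FixedTimeEquals(computedTag, storedTag)) return false;
        encKey = candidateKey;
        return true;
    }

    // Fast path: costs exactly one PBKDF2 run, however large the ciphertext is.
    public static bool VerifyPassword(string password, byte[] blob) =>
        CheckAndDerive(password, blob, out _);

    public static byte[] Decrypt(string password, byte[] blob)
    {
        if (!CheckAndDerive(password, blob, out byte[] encKey))
            throw new CryptographicException("Wrong password (rejected before bulk decryption).");

        byte[] salt = blob[..SaltSize];
        byte[] nonce = blob[(SaltSize + CheckSize)..(SaltSize + CheckSize + NonceSize)];
        byte[] gcmTag = blob[(SaltSize + CheckSize + NonceSize)..HeaderSize];
        byte[] ciphertext = blob[HeaderSize..];

        byte[] plaintext = new byte[ciphertext.Length];
        using (var aes = new AesGcm(encKey, TagSize))
            aes.Decrypt(nonce, ciphertext, gcmTag, plaintext, associatedData: salt); // throws if data was tampered with
        return plaintext;
    }

    public static void Main()
    {
        // Constructed sample payload for the demo.
        byte[] data = Encoding.UTF8.GetBytes("constructed sample payload: user records would go here");
        byte[] blob = Encrypt("correct horse battery", data);

        Console.WriteLine("right password accepted: " + VerifyPassword("correct horse battery", blob));
        Console.WriteLine("wrong password accepted:  " + VerifyPassword("wrong guess", blob));
        Console.WriteLine(Encoding.UTF8.GetString(Decrypt("correct horse battery", blob)));
    }
}
```

For a large file, `VerifyPassword` is the cheap pre-check the question asks for: it reads only the fixed-size header and runs the KDF once. Because the check key and the encryption key come out of the same PBKDF2 output, the check tag cannot be attacked faster than the ciphertext itself, which is the property a bare password hash in the header would not give you.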



I don't have the time to answer your question bullet by bullet. =) But I can recommend a general strategy of separating concerns and not coupling server resources when there's no immediate need for it. mod_proxy (and any equivalents) is your friend. It makes it easy to throw hardware at performance problems that show up. Of course, you don't have to factor the system perfectly from the start (since it's really hard to anticipate where the real bottlenecks will show up). But when you do encounter problems, remember your friend.

By : PEZ

