
I may be totally wrong, but isn't PBKDF2 useful exactly as a way to generate an encryption key from a password?



You're perfectly right. PBKDF2 (Password-based Key Derivation Function 2) takes your password as an input, derives a key from it and outputs that. This key is then fed into an encryption algorithm like AES in order to actually encrypt anything.


Sure, in the same way that MD5 is (although you'd want to use PBKDF2 instead of MD5). But you can't actually encrypt with PBKDF2 itself, much like you can't with MD5.


From the linked discussion ([3] above):

> 1. We use a 256 bit key derived using a salt and PBKDF2.

> 2. AES is used in CBC mode with a different IV for each account.

> 3. The key is stored on the cellphone only and is never transmitted.


> 2. AES is used in CBC mode with a different IV for each account.

Depending on the actual implementation (if everything is just one encrypted blob or if individual records are encrypted separately) using the same IV for all data in one account can be pretty bad.
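Added example, not part of the thread and not the app's own code: it derives a 256-bit key with PBKDF2, then encrypts two separately stored records with AES-256-CBC, once under a single per-account IV and once under a fresh IV per record, and counts how many leading ciphertext blocks match. The salt size, iteration count, hash, sample records and all function names are assumptions made for the illustration.

```javascript
const crypto = require('node:crypto');

// Constructed values (assumptions): salt size, iteration count, sample records.
const SALT = crypto.randomBytes(16);
const ITERATIONS = 600000;

// PBKDF2 only derives the 256-bit key; AES-256-CBC does the encryption.
function deriveKey(password, salt = SALT) {
  return crypto.pbkdf2Sync(password, salt, ITERATIONS, 32, 'sha256');
}

function encryptRecord(key, iv, plaintext) {
  const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
  return Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
}

// Number of leading 16-byte ciphertext blocks that are identical in a and b.
function sharedLeadingBlocks(a, b) {
  const blocks = Math.floor(Math.min(a.length, b.length) / 16);
  let n = 0;
  while (n < blocks &&
         a.subarray(n * 16, n * 16 + 16).equals(b.subarray(n * 16, n * 16 + 16))) n++;
  return n;
}

function compareIvStrategies(password, recordA, recordB) {
  const key = deriveKey(password);
  // One IV per account, reused for every record in that account.
  const accountIv = crypto.randomBytes(16);
  const reused = sharedLeadingBlocks(
    encryptRecord(key, accountIv, recordA),
    encryptRecord(key, accountIv, recordB));
  // Fresh random IV per record (it would be stored next to each ciphertext).
  const fresh = sharedLeadingBlocks(
    encryptRecord(key, crypto.randomBytes(16), recordA),
    encryptRecord(key, crypto.randomBytes(16), recordB));
  return { reused, fresh };
}

// Constructed records: the first two 16-byte blocks are identical, the third differs.
const recA = 'site=example.com' + ';user=alice;pwd=' + 'first-secret';
const recB = 'site=example.com' + ';user=alice;pwd=' + 'other-secret';

console.log(compareIvStrategies('correct horse battery staple', recA, recB));
```

With the shared IV, anyone holding only the ciphertexts can see that the two records begin with the same 32 bytes; with a fresh IV per record, no blocks match.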



