Generating a salt for key derivation #22
Assignees
Labels
development
Standard development
Comments
|
Here are some recommendations from NIST for GCM and GMAC. It is recommended to restrict the IV to a length of 96 bits (12 bytes) to support interoperability and some other factors. Here is a good example of file encryption with AES-GCM and salt based key derivation in nodejs: https://gist.github.com/AndiDittrich/4629e7db04819244e843. I think this is a good example to follow. We are also missing the auth tag and |
|
this was solved in #23 |
|
Just remember that the details for how we did the AES GCM should be documented so it can be more easily verified. |
|
I have put some notes into the README along this line |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Should we be generating a salt for our key derivation in
Crypto?We could do it by generating some random bytes:
const salt = crypto.randomBytes(128).toString('base64')I am not sure how one would store this though, we should also consider having multiple salts as well and storing the number of attempts. Or do we leave it up to the user to provide the salts?
The text was updated successfully, but these errors were encountered: