Most block ciphers are going to use larger than 32-bit sized blocks, for security reasons. However, I found one that is made specifically for what you are doing: Skip32 You may consider using a GUID, but perhaps you have reasons you want to avoid that. (Say, your app is done already.) Edit: Actually, if a … Read more
You won’t see the encrypted shared-key, it’s not exchanged. You can see the encrypted pre-master secret when using RSA authenticated key exchange. (Note that using Ephemeral Diffie-Hellman isn’t the only reason for not seeing a server key exchange message: it could also use a DH_DSS or DH_RSA cipher suite, but this is unusual as far … Read more
JWT (RFC7519) is just a compact way to safely transmit claims from an issuer to the audience over HTTP. JWT can be: signed (JWS – RFC7515) encrypted (JWE – RFC7516) signed then encrypted (this order is highly recommended). The whole JWS is the payload of the JWE encrypted then signed. It makes sense to encrypt … Read more
Key Generation I would recommend using a recognized algorithm such as PBKDF2 defined in PKCS #5 version 2.0 to generate a key from your password. It’s similar to the algorithm you outline, but is capable of generating longer symmetric keys for use with AES. You should be able to find an open-source library that implements … Read more
As you can see from the other answers, having a unique IV per encrypted file is crucial, but why is that? First – let’s review why a unique IV per encrypted file is important. (Wikipedia on IV). The IV adds randomness to your start of your encryption process. When using a chained block encryption mode … Read more
A cryptographically secure number random generator, as you might use for generating encryption keys, works by gathering entropy – that is, unpredictable input – from a source which other people can’t observe. For instance, /dev/random(4) on Linux collects information from the variation in timing of hardware interrupts from sources such as hard disks returning data, … Read more
An IV is essential when the same key might ever be used to encrypt more than one message. The reason is because, under most encryption modes, two messages encrypted with the same key can be analyzed together. In a simple stream cipher, for instance, XORing two ciphertexts encrypted with the same key results in the … Read more
At the end of the day, you are relying on trusting the client. If the client sends replays to the server, it is easy enough to replicable or modify a successful playthrough and send that to the server. Your best bet is to raise the bar for cheating above what a player would deem worth … Read more
GnuPG does multi-key encryption in standard. The following command will encrypt doc.txt using the public key for Alice and the public key for Bob. Alice can decrypt using her private key. Bob can also decrypt using his private key. gpg –encrypt –recipient [email protected] \ –recipient [email protected] doc.txt This feature is detailed in the user guide … Read more
Official document of Crypto++ AES is a good start. And from my archive, a basic implementation of AES is as follows: Please refer here with more explanation, I recommend you first understand the algorithm and then try to understand each line step by step. #include <iostream> #include <iomanip> #include “modes.h” #include “aes.h” #include “filters.h” int … Read more