I use the following inputs to encrypt using AES:
- UserPassword (plain text)
- SecretKey
- RandomIV
I use the following inputs to encrypt using SHA512:
- UserPassword (plain text)
- RandomSalt
I'd like to enhance both encryption methods above by using key derivation functionality. I will use the .NET Rfc2898DeriveBytes Class which requires the following:
- MasterPassword
- Salt
- Iterations
For AES:
Should I use the AES SecretKey for the PBKDF MasterPassword param? I currently generate an AES RandomIV and store the IV+CIPHER in the DB. When upgrading to use PBKDF, is it correct to do the following:
- Do not generate an AES RandomIV
- Generate a new random Salt for the PBKDF
- Use the first x bits of the DerivedKey as the AES SecretKey
- Use the second x bits of the DerivedKey as the AES RandomIV
- Store the 'new random Salt'+CipherText in the DB
- Both the AES Encrypt & Decrypt methods will have a PBKDF Salt param rather than an AES IV param (ignore the fact that they are both just byte[]'s)
For SHA512:
Is it correct to use the UserPassword (plaintext) for the PBKDF MasterPassword param (instead of securely storing a secret MasterPassword like AES)?
Should I use the SHA512 RandomSalt as the PBKDF Salt?
When calling the SHA.computehash method, should only the DerivedKey be hashed, or should the salt be appended to the DK?
How many bytes of the DerivedKey should be encrypted, 64?
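
The AES steps listed in the question, written out as an added example (not code from the original post): a fresh salt per record, one PBKDF2 output split into key and IV, and salt+ciphertext as the stored value. Assumptions: .NET 6 or later, the hypothetical class name `PbkdfAes`, the existing secret passed as the PBKDF2 password, a 16-byte salt, 100,000 iterations, and SHA-512 as the PBKDF2 hash so that the 48 bytes needed fit in a single output block.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example: key and IV both come from PBKDF2, so only the salt is stored.
public static class PbkdfAes
{
    const int SaltLen = 16, KeyLen = 32, IvLen = 16;
    const int Iterations = 100_000; // assumed work factor, tune for your hardware

    // One 48-byte PBKDF2 output split into AES-256 key || CBC IV.
    // SHA-512 produces 64 bytes per block, so 48 bytes needs only one block.
    static (byte[] key, byte[] iv) Derive(string secret, byte[] salt)
    {
        using var kdf = new Rfc2898DeriveBytes(secret, salt, Iterations, HashAlgorithmName.SHA512);
        byte[] dk = kdf.GetBytes(KeyLen + IvLen);
        return (dk[..KeyLen], dk[KeyLen..]);
    }

    // Returns salt || ciphertext, the value stored in the DB.
    public static byte[] Encrypt(string secret, byte[] plaintext)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltLen); // fresh per record
        var (key, iv) = Derive(secret, salt);
        using var aes = Aes.Create(); // CBC with PKCS7 padding by default
        using var enc = aes.CreateEncryptor(key, iv);
        byte[] ct = enc.TransformFinalBlock(plaintext, 0, plaintext.Length);
        byte[] blob = new byte[SaltLen + ct.Length];
        salt.CopyTo(blob, 0);
        ct.CopyTo(blob, SaltLen);
        return blob;
    }

    // Takes the stored blob; the salt prefix replaces the old IV parameter.
    public static byte[] Decrypt(string secret, byte[] blob)
    {
        if (blob.Length < SaltLen + 16) throw new CryptographicException("blob too short");
        var (key, iv) = Derive(secret, blob[..SaltLen]);
        using var aes = Aes.Create();
        using var dec = aes.CreateDecryptor(key, iv);
        return dec.TransformFinalBlock(blob, SaltLen, blob.Length - SaltLen);
    }

    public static void Main()
    {
        byte[] msg = Encoding.UTF8.GetBytes("constructed sample value");
        byte[] a = Encrypt("constructed-secret", msg), b = Encrypt("constructed-secret", msg);
        Console.WriteLine(Convert.ToHexString(a) != Convert.ToHexString(b));
        Console.WriteLine(Encoding.UTF8.GetString(Decrypt("constructed-secret", a)));
    }
}
```

AES-CBC as used here does not authenticate the ciphertext, so tampering with the stored blob is not reliably detected. Reusing a salt with the same secret would repeat both the key and the IV, which is why the salt is generated inside `Encrypt` rather than passed in.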