Rfc2898DeriveBytes - password length

0
votes

Trying to find related answer for a long time, but not convinced yet.

What I am trying is to encrypt using RijndaelManaged. To create Key, I am passing password, salt and iteration to Rfc2898DeriveBytes.

I was thinking to add constant if user entered password is below specific length before passing it to Rfc2898DeriveBytes.

So far what I found that adding constant will not add any benefit to security. Let suppose attacker get an access to database containing encrypted data along with salt, but not to constant will give him a bit harder time. Although in the end he will find that constant.

Or it is "really and extremely" safe to pass any length password to Rfc2898DeriveBytes without getting worried?

Does passing shorter or lengthier password affect key derivation process in term of which one is better and most recommended?

So far what I know that random salt and more iteration is important.

Following is the code, should I remove adding constant to password or keep it?

(Note: password length restriction to user is not applied at GUI, user can pass 1 character or even more than 10 characters)

string constant = "AnyConstantToMakePasswordBigger";

if (password.Length < 8) 
{ 
password = password + constant; 
}

RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();

byte[] salt = new byte[8];

rng.GetBytes(salt);

Rfc2898DeriveBytes derivedKey = new Rfc2898DeriveBytes(password, salt, 1000);

using (RijndaelManaged aes = new RijndaelManaged())
{
     aes.Key = derivedKey.GetBytes(keyLength);
     .....
}

Welcoming any positive or negative comment and responses.

1
c#encryptionpbkdf2
The only solution is to require the user enter a password of at least a certain length. Adding a constant or more rounds isn't going to make up for a 1 character password.mfanto
yes, salt and more iterations are more important. In fact, more iterations is exactly what BCrypt does. I don't think adding constant data to make a "longer password" would make much of a difference--you're not changing the effective depth of security of the password.Peter Ritchie
Adding the constant is pointless. The salt already achieves the purpose you want the constant to fulfill. Infact, adding the constant has the potential to make secuirty worse (although I think you'll be safe with Rfc2898DeriveBytes). If you want to improve security ensure the password excedes a minimum length.Jodrell
@Jordell, Even the provided password is of just 1 character length? (please note that the length cannot be restricted at begining)toughcanny
How does padding the password with a fixed value help? You want to increase entropy not decrease it.Jodrell

1 Answers

0
votes

With an assumption that the attacker doesn't know the "constant" then, yes, it would effectively increase security by making brute force attacks harder. HOWEVER, that is a very bad assumption and you should ALWAYS assume the attacker has your source code.

Continuing on our bad assumption: You are correct that the attacker may eventually figure out your constant if enough passwords are cracked.

As to whether or not one adding more characters to your password improves key derivation: not really. The key that you generate will be the same length no matter what. But an attacker is not going to attempt to guess your key, they are too long and effectively impossible to brute force. Any attacker is going to go after the password.

This is where iterations, salt and hard to guess long passwords come in. Iterations increase difficulty by increasing the time it takes to make each guess. While the time to do thousands of iterations when a legitimate user logs in is negligible, the cost to a brute force attacker is huge. Long passwords additionally increase difficulty of brute force. The salt helps to protect identical passwords from being solved at the same time (the attacker must attack each password independently even if they are the same).