@wahidsadik
Created July 17, 2019 19:45
Symmetric encryption stuff

Background

Did some research on this. Capturing the findings.

Findings

  • Do not use DES, or 3DES. Use AES.
  • Use AES/CBC/PKCS7Padding at least.
  • Use AES/CFB/PKCS5Padding to generate a different ciphertext for the same plaintext.
  • Use AES/GCM/NoPadding for most secure stuff.
  • Use 256 bit keys.
  • When encrypting passwords, add a salt and encrypt the password with bcrypt. This is to beat rainbow tables.
  • It's okay to save salt in db.