Question

The quick start guide tells us that we can use aes.js this way:

var encrypted = CryptoJS.AES.encrypt("Message", "Secret Passphrase"); 
var decrypt = CryptoJS.AES.decrypt(encrypted, "Secret Passphrase");

But is it safe enough? Encrypted is an array with a lot of information (key, iv, salt, ciphertext). But isn't it safer to use PBKDF2 to derive the password? Like this:

var salt = CryptoJS.lib.WordArray.random(128/8);                        // 16-byte random salt
var key512Bits1000Iterations = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 512/32, iterations: 1000 }); // 512-bit key, 1000 iterations
var iv  = CryptoJS.enc.Hex.parse('101112131415161718191a1b1c1d1e1f');   // 16-byte IV, hard-coded here

encrypted = CryptoJS.AES.encrypt("Message", key512Bits1000Iterations, { iv: iv });   // key passed as a WordArray, so no internal derivation
var decrypt = CryptoJS.AES.decrypt(encrypted, key512Bits1000Iterations, { iv: iv });

Thank you!


Solution

If you look at the bottom of the aes.js page you pointed at, you will find:

Interoperability With OpenSSL

Encrypt with OpenSSL:

openssl enc -aes-256-cbc -in infile -out outfile -pass pass:"Secret Passphrase" -e -base64

Decrypt with CryptoJS:

<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
<script>
    var decrypted = CryptoJS.AES.decrypt(openSSLEncrypted, "Secret Passphrase");
</script>

So aes.js will use OpenSSL-compatible key derivation if you use a passphrase.

Now if you look at the key derivation mechanism performed by OpenSSL, EVP_BytesToKey, you will find this remark:

Newer applications should use more standard algorithms such as PBKDF2 as defined in PKCS#5v2.1 for key derivation.

Licensed under: CC-BY-SA with attribution