I have two secret keys. One is a secret key generated by OpenSSL (primary secret
ID: 649398 • Letter: I
Question
I have two secret keys. One is a secret key generated by OpenSSL (primary secret key). Second key is generated by performing one way hash operation to GPS co ordinates and time parameters (geo secret key). Now I want to combine this two keys to be used for an AES encryption. I have two options.
Encrypt twice by using two keys.
XOR the two keys derive a single key and use it for encryption.
The first option will be bit expensive since there will be two encryption operations. Although the second option will be less expensive I am not sure whether it is secure or not. Will the second option make the finale encryption key vulnerable? Will it severely affect the randomness of the finale key in a way that it is not usable?
Explanation / Answer
I'm not really sure what your geo-location and time stamp key is really giving you above one well selected 128-bit key.
Let's say you're resolving the GPS co-ordinates to an accuracy of one metre. There are approximately 5