I\'m very curious to know this and a bit confuses too: 1. Suppose, I have two fi
ID: 652594 • Letter: I
Question
I'm very curious to know this and a bit confuses too:
1. Suppose, I have two files encrypted using AES-128bit with keys PBKDF2-derived from the same password and the same salt. If an attacker does brute force attack (imagining that he finishes this) to crack the keys, I'm guessing he needs to run the attack once to get those 2 keys.
2. Now, if I encrypt the files using AES-128bit with keys PBKDF2-derived from the same password and a different salt, will it make the attacker run brute force twice? If the answer is yes, then why? Changing the salt doesn't change the number of possible keys 2128.
If the answer is no then, in both cases the number of possible keys are 2128. So, what difference does it make if the salt is different?
Explanation / Answer
There are two ways to attack encryption that uses a derived key:
1. You can attack the encryption algorithm. In the case of correctly used* 128-bit AES, that essentially amounts to a brute force attack on the 128-bit keyspace.
This would succeed after on average 2127 tries (if it were practical). If you knew that two files had used the same password salt, you could brute force the key of one, then check if it also decrypts the other, meaning you'd find both with about 2127 tries when they share a password. If they had a different salt, there would be nothing special about the first key with respect to the other file