Saturday, 8 June 2013

Should I run my password through Bcrypt before using it for encrypting a file with AES-256?

I need to encrypt a file with a password that can be memorized. So I was thinking about running the password through some rounds of Bcrypt before using it for AES encryption, so every time I want to encrypt/decrypt I want it to take about 10 seconds on my machine (meaning brute-forcing it wouldn't be possible).
What I want to ask you is whether doing this is OK, since normally one shouldn't mess around with cryptography. Doesn't AES have this already built-in? I mean configurable number of rounds or something.
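The key-stretching step the question describes, as an added example that is not part of the original post: PBKDF2-HMAC-SHA256 from Python's standard library stands in for bcrypt here, and the iteration count is calibrated to a target time on the local machine. The function names and the header layout are assumptions, and the AES-256 encryption that would consume the derived key is not shown.

```python
import hashlib
import os
import time

KEY_LEN = 32    # AES-256 takes a raw 256-bit key
SALT_LEN = 16   # random per file, stored in the clear beside the ciphertext


def derive_key(password: str, salt: bytes, iterations: int) -> bytes:
    """Stretch a memorized password into a 256-bit key (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               iterations, dklen=KEY_LEN)


def calibrate(target_seconds: float, probe: int = 50_000,
              floor: int = 100_000) -> int:
    """Pick an iteration count costing about target_seconds on this machine."""
    start = time.perf_counter()
    derive_key("calibration", b"\x00" * SALT_LEN, probe)
    elapsed = max(time.perf_counter() - start, 1e-6)
    # Never go below the floor, even on a very fast machine or a tiny target.
    return max(floor, int(probe * target_seconds / elapsed))


def new_header(iterations: int) -> dict:
    """Parameters to store with the file; none of them is secret."""
    return {"kdf": "pbkdf2-hmac-sha256",
            "iterations": iterations,
            "salt": os.urandom(SALT_LEN).hex()}


def key_from_header(password: str, header: dict) -> bytes:
    """Re-derive the same key at decryption time from the stored parameters."""
    salt = bytes.fromhex(header["salt"])
    return derive_key(password, salt, header["iterations"])


if __name__ == "__main__":
    # 0.5 s keeps the demo quick; the question's target would be 10 s.
    iterations = calibrate(target_seconds=0.5)
    header = new_header(iterations)
    # Constructed sample password, for illustration only.
    key = key_from_header("correct horse battery staple", header)
    print(header, len(key))
```

The salt and iteration count have to be saved with the encrypted file, because decryption must repeat exactly the same derivation to arrive at the same key.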
