We need to determine a key (password) length for the XTS Stream. We are using synchronous encryption, so we are using a password for encryption. What is the ideal length for the password, so it matches the underlying encryption technique?
We do not use the password in its original form. Instead, we pass it along with a randomly-generated salt value (which is stored as first 40 bytes of an encrypted file) to PBKDF2 key derivation algorithm and then we derive the actual key from it. This means that any password length that is not too short is perfectly suitable. On the other hand, passwords that are too long are fine too, although not really necessary.
Welcome to Q&A forum for C# and VB.NET developers working with following .NET components:
If you need immediate assistance, please contact us directly.