I’m working on updating the encryption method of a class at work. The encrypt and decrypt methods take the text to encrypt/decrypt and a string which used to be used as a salt (this string is hardcoded in the method calls in lots of places throughout the code base).
My plan is to securely generate a random 16-byte salt, then use Scrypt to derive a 64-byte array from the salt and the string (which I’m now considering a password since it’s not being used as a salt anymore).
I’ll then split that array into two 32-byte keys, and use the first to encrypt the text with AES-GCM. Then I’ll use the second key to encrypt the first, and append the encrypted key and the salt to the encrypted text.
On decryption, I’ll regenerate both keys using the salt appended to the encrypted text, decrypt the key appended to the encrypted text, and compare it to the generated key. Assuming they’re the same, I’ll then decrypt the text and return it.
Am I gaining anything by using two keys like this, or would it be just as good to derive a single key from the salt and password, and just append the salt to the encrypted text?
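
The single-key variant the question describes, as an added example that is not part of the original post: one 32-byte key from scrypt, AES-256-GCM, and the salt stored alongside the ciphertext. The GCM tag check fails for a wrong password, an altered salt, or modified ciphertext, so no separate key comparison appears. The Node.js choice, function names, blob layout, and scrypt cost parameters are assumptions.

```javascript
// Added example, not the poster's code. Assumed blob layout:
//   salt(16) || nonce(12) || tag(16) || ciphertext
const nodeCrypto = require("node:crypto");

const SALT_LEN = 16, NONCE_LEN = 12, TAG_LEN = 16, KEY_LEN = 32;
// scrypt cost parameters are illustrative; tune them for your hardware.
const SCRYPT = { N: 16384, r: 8, p: 1 };
const GCM = { authTagLength: TAG_LEN };

function deriveKey(password, salt) {
  return nodeCrypto.scryptSync(password, salt, KEY_LEN, SCRYPT);
}

function encrypt(plaintext, password) {
  // Fresh salt and nonce per message, so no (key, nonce) pair repeats.
  const salt = nodeCrypto.randomBytes(SALT_LEN);
  const nonce = nodeCrypto.randomBytes(NONCE_LEN);
  const key = deriveKey(password, salt);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, nonce, GCM);
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([salt, nonce, cipher.getAuthTag(), ct]);
}

function decrypt(blob, password) {
  const header = SALT_LEN + NONCE_LEN + TAG_LEN;
  if (blob.length < header) throw new Error("blob too short");
  const salt = blob.subarray(0, SALT_LEN);
  const nonce = blob.subarray(SALT_LEN, SALT_LEN + NONCE_LEN);
  const tag = blob.subarray(SALT_LEN + NONCE_LEN, header);
  const ct = blob.subarray(header);
  const key = deriveKey(password, salt);
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, nonce, GCM);
  decipher.setAuthTag(tag);
  // final() throws when the tag does not verify: wrong password, wrong
  // salt (hence wrong key), or any modified nonce, tag or ciphertext byte.
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString("utf8");
}

// True when decrypt() refuses the input instead of returning plaintext.
function rejects(blob, password) {
  try { decrypt(blob, password); return false; } catch { return true; }
}
```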