Transitioning to New Encryption Algorithms

Question

How can one transition encrypted data to a new encryption algorithm / settings in an iOS app? I'm not asking exactly how to do this with code, this is rather a conceptual question .

There are currently thousands of people using my iOS app to encrypt their data. I have found issues with the current encryption methods. In order to fix those issues I would need to implement an improved encryption system (see below for details) and transition current users to the new system.

I'm not sure how to go about migrating users to the new system without prompting them to enter their private keys, decrypt, and re-encrypt with the new system. Ideally this transition would be as seamless and as invisible as possible. If the transition does not work I fear that users will lose their data or become frustrated.

Old Encryption Method

• AES 256-bit
• CBC Mode

New Encryption Method

• AES 256-bit
• CBC Mode
• Password stretching with PBKDF2
• Password Salting
• Random IV
• Hash HMAC

Any ideas on how one could go about transitioning between these two AES encryption systems?

Answer 1

Are the current encryption keys good? If so you can keep them and wrap them with the new key deviation function. That allows the user to change their password without having to re-encrypt the data. If the keys are too weak you will have to decrypt and re-encrypt the data.

I see "Password Salting" and "Hash HMAC", you should be thinking more along the lines of PBKDF2 to create encryption keys from a user supplied password/pass phrase. Use the calibration function to choose the number of rounds.

If you were thinking ahead you have a version indicator and if so can just encrypt new data with the new key-scheme version and have backward compatibility.

I am wondering what Base64 encoding is doing in encryption other than to transport the encrypted data across an interface that can not handle 8-bit bytes such as JSON and XML.