Re: encryption question



Rael wrote:
Thanks for the input. I imply from your comment that using the hash function method will work fine for symmetrical encryption.

If done correctly, yes, but it all depends on your exact requirements. The scheme below should be fairly robust, presuming I got your requirements right:

Encryption:
Input: Password P, Text T
1. S := Random (128 bits from a secure PRBG)
2. KE := HMAC(P,S + 'E')
3. KA := HMAC(P,S + 'A')
4. C := E(KE,T)
5. M := HMAC(KA,C)
6. Output CT := S + C + M

Decryption:
Input: Password P, Cipher Text CT
1. Parse CT into S,C,M
2. KE := HMAC(P,S + 'E')
3. KA := HMAC(P,S + 'A')
4. if M <> HMAC(KA,C) return Error
5. T := D(KE,C)
6. Output T

This scheme features authenticated encryption, authenticating the password and verifying the integrity of the text in one step. If CT is modified in any way during storage or transit, or if the wrong password is entered at decryption, the decryption method will return Error.
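The scheme from the post above, written out as an added Python example (not code from the original poster). It assumes HMAC-SHA256 for HMAC and, because the post does not name the cipher E/D, substitutes an HMAC-SHA256 counter-mode keystream so the block runs with the standard library only; the function and constant names are hypothetical.

```python
import hashlib
import hmac
import secrets

SALT_LEN = 16   # S: 128 bits, as in encryption step 1
MAC_LEN = 32    # HMAC-SHA256 output length (assumed hash)


def _hmac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    # Stand-in for E/D (assumption): XOR with an HMAC-SHA256 counter-mode
    # keystream. With a crypto library available, a vetted cipher such as
    # AES-CTR would take this place.
    out = bytearray()
    for offset in range(0, len(data), MAC_LEN):
        block = _hmac(key, (offset // MAC_LEN).to_bytes(8, "big"))
        out.extend(b ^ k for b, k in zip(data[offset:offset + MAC_LEN], block))
    return bytes(out)


def _derive_keys(password: bytes, salt: bytes) -> tuple[bytes, bytes]:
    # Steps 2-3: KE and KA. The post uses a single HMAC call; low-entropy
    # passwords would normally go through a slow KDF such as
    # hashlib.pbkdf2_hmac first.
    return _hmac(password, salt + b"E"), _hmac(password, salt + b"A")


def encrypt(password: bytes, text: bytes) -> bytes:
    salt = secrets.token_bytes(SALT_LEN)
    ke, ka = _derive_keys(password, salt)
    c = _keystream_xor(ke, text)
    return salt + c + _hmac(ka, c)          # CT := S + C + M


def decrypt(password: bytes, ct: bytes) -> bytes:
    if len(ct) < SALT_LEN + MAC_LEN:
        raise ValueError("ciphertext too short")
    salt, c, m = ct[:SALT_LEN], ct[SALT_LEN:-MAC_LEN], ct[-MAC_LEN:]
    ke, ka = _derive_keys(password, salt)
    # Step 4: verify the MAC before decrypting, in constant time.
    if not hmac.compare_digest(m, _hmac(ka, c)):
        raise ValueError("authentication failed")
    return _keystream_xor(ke, c)
```

Both a wrong password and a modified ciphertext surface as the same `ValueError`, matching the single Error outcome in decryption step 4.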