Nothing
Encryption Keys
In rmonocypher: Easy Encryption of R Objects using Strong Modern Cryptography
knitr::opts_chunk$set(
collapse = FALSE,
comment = "#>"
)
library(rmonocypher)
Encryption Keys
An encryption key is the core secret data used to encrypt/decrypt an object.
Without knowing the encryption key, it is not possible to decrypt the data.
It is important to save this key securely.
Encryption keys must be 32 bytes of difficult to guess values, and the
{rmonocypher} package has a number of ways of making keys easy to handle.
The key for encryption may be one of:
- A password
- A 32-byte raw vector
- A 64-character hexadecimal string
Use a password as the key
When using encrypt(..., key = ...), the key may simply be given as a password.
This password may be any text (including spaces and special characters).
Internally, this password will be processed into a full 32-byte encryption key
using Argon2 password-based key derivation (see below).
Generate a key using Argon2 Key Derivation Function
An encryption key may be generated by a password prior to the call to encrypt().
The argon2() function implements Argon2 password-based key derivation.
This is a resource intensive password-based key derivation scheme (i.e. requires lots
of CPU and RAM to run) which is difficult to brute-force.
For applications requiring more paranoia, it is recommended that an
explicit salt be used. Don't forget to save the salt as well, because
without it you will not be able to generate the same encryption key.
# When no salt is provided, a salt will be
# derived internally from the password.
argon2("my secret")
# Use another password as the salt
argon2("my secret", salt = "salt and vinegar")
# Use a 32-character hexadecimal string as the salt
argon2("my secret", salt = "cefca6aafae5bdbc15977fd56ea7f1eb")
# Use 'rbyte()' to source 16 random bytes for the salt
salt <- rbyte(16)
argon2("my secret", salt = salt)
Use raw bytes as the key
The key may also be a raw vector containing 32 bytes.
If using random bytes for the key, it is important that they be generated from a
cryptographically secure source e.g. rbyte().
Be sure to save this key, as it will not be possible to generate this
exact same random sequence again.
key <- rbyte(32, type = 'raw')
key
Use hexadecimal string as a key
The key may be given as a 64-character hexadecimal string.
If this key is generated using rbyte(), be sure to save this key as it
will not be possible to generate this exact same random sequence again.
key <- rbyte(32, type = 'chr')
key
Try the rmonocypher package in your browser
Any scripts or data that you put into this service are public.
rmonocypher documentation built on April 4, 2025, 4:41 a.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
knitr::opts_chunk$set( collapse = FALSE, comment = "#>" )
library(rmonocypher)
Encryption Keys
An encryption key is the core secret data used to encrypt/decrypt an object.
Without knowing the encryption key, it is not possible to decrypt the data.
It is important to save this key securely.
Encryption keys must be 32 bytes of difficult to guess values, and the
{rmonocypher} package has a number of ways of making keys easy to handle.
The key for encryption may be one of:
- A password
- A 32-byte raw vector
- A 64-character hexadecimal string
Use a password as the key
When using encrypt(..., key = ...), the key may simply be given as a password.
This password may be any text (including spaces and special characters).
Internally, this password will be processed into a full 32-byte encryption key using Argon2 password-based key derivation (see below).
Generate a key using Argon2 Key Derivation Function
An encryption key may be generated by a password prior to the call to encrypt().
The argon2() function implements Argon2 password-based key derivation.
This is a resource intensive password-based key derivation scheme (i.e. requires lots
of CPU and RAM to run) which is difficult to brute-force.
For applications requiring more paranoia, it is recommended that an
explicit salt be used. Don't forget to save the salt as well, because
without it you will not be able to generate the same encryption key.
# When no salt is provided, a salt will be # derived internally from the password. argon2("my secret") # Use another password as the salt argon2("my secret", salt = "salt and vinegar") # Use a 32-character hexadecimal string as the salt argon2("my secret", salt = "cefca6aafae5bdbc15977fd56ea7f1eb") # Use 'rbyte()' to source 16 random bytes for the salt salt <- rbyte(16) argon2("my secret", salt = salt)
Use raw bytes as the key
The key may also be a raw vector containing 32 bytes.
If using random bytes for the key, it is important that they be generated from a
cryptographically secure source e.g. rbyte().
Be sure to save this key, as it will not be possible to generate this exact same random sequence again.
key <- rbyte(32, type = 'raw') key
Use hexadecimal string as a key
The key may be given as a 64-character hexadecimal string.
If this key is generated using rbyte(), be sure to save this key as it
will not be possible to generate this exact same random sequence again.
key <- rbyte(32, type = 'chr') key
Try the rmonocypher package in your browser
Any scripts or data that you put into this service are public.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.