Re: Secure unsalted or fixed salt symmetric encryption?



On Mon, 25 May 2009 21:00:39 +0200
Roland Smith <rsmith@xxxxxxxxx> wrote:


Or you can use the -nosalt option. But as explained in
[http://www.openssl.org/docs/apps/enc.html], using a random salt by
default is a design decision because: "Without the -salt option it is
possible to perform efficient dictionary attacks on the password".
That doesn't sound good, does it?

It's not a problem since she's using a random key file, not a weak
password.
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"



Relevant Pages