Date: Wed, 27 May 2009 00:41:19 +0100 From: RW <rwmaillists@googlemail.com> To: freebsd-questions@freebsd.org Subject: Re: Secure unsalted or fixed salt symmetric encryption? Message-ID: <20090527004119.62822b41@gumby.homeunix.com> In-Reply-To: <20090526170210.GB75202@slackbox.xs4all.nl> References: <26face530905242257m7030933cy4a1171de7a06ee59@mail.gmail.com> <20090525190039.GA39139@slackbox.xs4all.nl> <43F89C0B-370E-4E29-9214-E447768C97A3@goldmark.org> <20090526170210.GB75202@slackbox.xs4all.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 26 May 2009 19:02:10 +0200 Roland Smith <rsmith@xs4all.nl> wrote: > Or if you have the case of a 'known-plaintext' attack. It happens > more often than you would think: > [http://en.wikipedia.org/wiki/Known-plaintext_attack] > Note that using a random salt would be a good protection against such > an attack! Only if the passphrase is weak. If you don't use salt you can pre-compute a table that maps weak passphrases to a few bytes of of the ciphertext of a known plaintext first block. But if that passphrase contains sufficient entropy it's no cheaper than a brute-force attack against the cipher. A cipher that can't withstand that isn't worth using.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090527004119.62822b41>