Date: Sun, 24 May 2009 22:57:35 -0700 From: Kelly Jones <kelly.terry.jones@gmail.com> To: freebsd-questions@freebsd.org Subject: Secure unsalted or fixed salt symmetric encryption? Message-ID: <26face530905242257m7030933cy4a1171de7a06ee59@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Are there any secure openssl symmetric encryption routines that *don't* use a salt? Is it secure to use a random-but-fixed salt (openssl enc -S salt)? "man enc" says "This option [-salt] should ALWAYS be used [...]" Reason I ask: I was using this command to backup files using compression/encryption: bzip2 -k -c original | openssl enc -bf -pass file:passfile > encfile and was surprised that doing this to identical files yielded different results. I then realized "openssl enc" randomly(?) chooses a salt if you don't supply one. I want my backups encrypted, but I also want identical files to encrypt identically. Thoughts? -- We're just a Bunch Of Regular Guys, a collective group that's trying to understand and assimilate technology. We feel that resistance to new ideas and technology is unwise and ultimately futile.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?26face530905242257m7030933cy4a1171de7a06ee59>