From owner-freebsd-questions@FreeBSD.ORG Tue May 26 17:02:13 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AD6E810657B0 for ; Tue, 26 May 2009 17:02:13 +0000 (UTC) (envelope-from rsmith@xs4all.nl) Received: from smtp-vbr17.xs4all.nl (smtp-vbr17.xs4all.nl [194.109.24.37]) by mx1.freebsd.org (Postfix) with ESMTP id 253BB8FC1C for ; Tue, 26 May 2009 17:02:12 +0000 (UTC) (envelope-from rsmith@xs4all.nl) Received: from slackbox.xs4all.nl (slackbox.xs4all.nl [213.84.242.160]) by smtp-vbr17.xs4all.nl (8.13.8/8.13.8) with ESMTP id n4QH2BBT014563; Tue, 26 May 2009 19:02:11 +0200 (CEST) (envelope-from rsmith@xs4all.nl) Received: by slackbox.xs4all.nl (Postfix, from userid 1001) id D2ABBBAA3; Tue, 26 May 2009 19:02:10 +0200 (CEST) Date: Tue, 26 May 2009 19:02:10 +0200 From: Roland Smith To: Jeffrey Goldberg Message-ID: <20090526170210.GB75202@slackbox.xs4all.nl> References: <26face530905242257m7030933cy4a1171de7a06ee59@mail.gmail.com> <20090525190039.GA39139@slackbox.xs4all.nl> <43F89C0B-370E-4E29-9214-E447768C97A3@goldmark.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="QKdGvSO+nmPlgiQ/" Content-Disposition: inline In-Reply-To: <43F89C0B-370E-4E29-9214-E447768C97A3@goldmark.org> X-GPG-Fingerprint: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 X-GPG-Key: http://www.xs4all.nl/~rsmith/pubkey.txt X-GPG-Notice: If this message is not signed, don't assume I sent it! User-Agent: Mutt/1.5.19 (2009-01-05) X-Virus-Scanned: by XS4ALL Virus Scanner Cc: Kelly Jones , freebsd-questions@freebsd.org Subject: Re: Secure unsalted or fixed salt symmetric encryption? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 17:02:14 -0000 --QKdGvSO+nmPlgiQ/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, May 26, 2009 at 09:31:25AM -0500, Jeffrey Goldberg wrote: > On May 25, 2009, at 2:00 PM, Roland Smith wrote: >=20 > > You could use the -S option and specify a constant salt. It might make > > the encrypted materials easier to break, though. You can generate a > > random salt with openssl as well: >=20 > > Or you can use the -nosalt option. But as explained in > > [http://www.openssl.org/docs/apps/enc.html], using a random salt by > > default is a design decision because: "Without the -salt option it is > > possible to perform efficient dictionary attacks on the password". =20 > > That > > doesn't sound good, does it? >=20 > This is being used for file encryption, not password encryption.=20 Of course. > So a dictionary attack isn't all that likely unless the encrypted > files are of a specific nature Suppose you are encrypting a tarfile that includes /usr/src/. There are definitely files in that tree that haven't changed in a long time. These could be used as (partial) cribs.=20 > (known template which remains constant while only small parts of the > file vary).=20 Or if you have the case of a 'known-plaintext' attack. It happens more often than you would think:=20 [http://en.wikipedia.org/wiki/Known-plaintext_attack]=20 Note that using a random salt would be a good protection against such an attack! I agree that in this case such an attack seems unlikely.=20 =46rom the original posters' questions I get the feeling that he is looking for an incremental encrypted backup solution for a large file or files. All possible solutions involve trade-offs between ease of use, robustness and security. And as you've said making a good choice requires more insight into the constraints. Roland --=20 R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) --QKdGvSO+nmPlgiQ/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (FreeBSD) iEYEARECAAYFAkocIJIACgkQEnfvsMMhpyV2hACgnNdtMEaWCoNkFn8PDZPch3k4 qWsAn0ytWNIxZx2AASCBAR9rhq0e9Hk+ =3fRk -----END PGP SIGNATURE----- --QKdGvSO+nmPlgiQ/--