Date: Mon, 25 May 2009 22:06:01 +0100 From: RW <rwmaillists@googlemail.com> To: freebsd-questions@freebsd.org Subject: Re: Secure unsalted or fixed salt symmetric encryption? Message-ID: <20090525220601.1a9f7109@gumby.homeunix.com> In-Reply-To: <20090525190039.GA39139@slackbox.xs4all.nl> References: <26face530905242257m7030933cy4a1171de7a06ee59@mail.gmail.com> <20090525190039.GA39139@slackbox.xs4all.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 25 May 2009 21:00:39 +0200 Roland Smith <rsmith@xs4all.nl> wrote: > Or you can use the -nosalt option. But as explained in > [http://www.openssl.org/docs/apps/enc.html], using a random salt by > default is a design decision because: "Without the -salt option it is > possible to perform efficient dictionary attacks on the password". > That doesn't sound good, does it? It's not a problem since she's using a random key file, not a weak password.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090525220601.1a9f7109>