Secure unsalted or fixed salt symmetric encryption?
kelly.terry.jones at gmail.com
Mon May 25 05:57:36 UTC 2009
Are there any secure openssl symmetric encryption routines that
*don't* use a salt?
Is it secure to use a random-but-fixed salt (openssl enc -S salt)?
"man enc" says "This option [-salt] should ALWAYS be used [...]"
Reason I ask: I was using this command to backup files using
bzip2 -k -c original | openssl enc -bf -pass file:passfile > encfile
and was surprised that doing this to identical files yielded different
results. I then realized "openssl enc" randomly(?) chooses a salt if
you don't supply one.
I want my backups encrypted, but I also want identical files to
encrypt identically. Thoughts?
We're just a Bunch Of Regular Guys, a collective group that's trying
to understand and assimilate technology. We feel that resistance to
new ideas and technology is unwise and ultimately futile.
More information about the freebsd-questions