Secure unsalted or fixed salt symmetric encryption?

Roland Smith rsmith at
Mon May 25 21:52:07 UTC 2009

On Mon, May 25, 2009 at 10:06:01PM +0100, RW wrote:
> On Mon, 25 May 2009 21:00:39 +0200
> Roland Smith <rsmith at> wrote:
> > Or you can use the -nosalt option. But as explained in
> > [], using a random salt by
> > default is a design decision because: "Without the -salt option it is
> > possible to perform efficient dictionary attacks on the password".
> > That doesn't sound good, does it?
> It's not a problem since she's using a random key file, not a weak
> password.

But a key alone is not sufficient. You'll need to specify an
initialization vector as well, using the -iv option. E.g.:

openssl enc -aes256 -in <infile> -out <outfile>.aes \
-K 971001EE50DCDBCAF3F521851E773B0285838CA549E2258C1A195565D61F2145 \
-iv FD246E34A631AE38

If you try it with only a key or keyfile, you'll get a 'iv undefined'
error, resulting in a zero-length output file. :-(

If you use a password (-pass) you don't need an iv.

[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url :

More information about the freebsd-questions mailing list