Secure unsalted or fixed salt symmetric encryption?
RW
rwmaillists at googlemail.com
Tue May 26 23:41:26 UTC 2009
On Tue, 26 May 2009 19:02:10 +0200
Roland Smith <rsmith at xs4all.nl> wrote:
> Or if you have the case of a 'known-plaintext' attack. It happens
> more often than you would think:
> [http://en.wikipedia.org/wiki/Known-plaintext_attack]
> Note that using a random salt would be a good protection against such
> an attack!
Only if the passphrase is weak. If you don't use salt you can
pre-compute a table that maps weak passphrases to a few bytes of
of the ciphertext of a known plaintext first block. But if that
passphrase contains sufficient entropy it's no cheaper than a
brute-force attack against the cipher. A cipher that can't withstand
that isn't worth using.
More information about the freebsd-questions
mailing list