Secure unsalted or fixed salt symmetric encryption?
rwmaillists at googlemail.com
Tue May 26 23:41:26 UTC 2009
On Tue, 26 May 2009 19:02:10 +0200
Roland Smith <rsmith at xs4all.nl> wrote:
> Or if you have the case of a 'known-plaintext' attack. It happens
> more often than you would think:
> Note that using a random salt would be a good protection against such
> an attack!
Only if the passphrase is weak. If you don't use salt you can
pre-compute a table that maps weak passphrases to a few bytes of
of the ciphertext of a known plaintext first block. But if that
passphrase contains sufficient entropy it's no cheaper than a
brute-force attack against the cipher. A cipher that can't withstand
that isn't worth using.
More information about the freebsd-questions