Secure unsalted or fixed salt symmetric encryption?

RW rwmaillists at
Tue May 26 23:41:26 UTC 2009

On Tue, 26 May 2009 19:02:10 +0200
Roland Smith <rsmith at> wrote:

> Or if you have the case of a 'known-plaintext' attack. It happens
> more often than you would think: 
> [] 
> Note that using a random salt would be a good protection against such
> an attack!

Only if the passphrase is weak. If you don't use salt you can
pre-compute a table that maps weak passphrases to a few bytes of
of the ciphertext of a known plaintext first block. But if that
passphrase contains sufficient entropy it's no cheaper than a
brute-force attack against the cipher. A cipher that can't withstand
that isn't worth using.

More information about the freebsd-questions mailing list