On Tue, 26 May 2009 19:02:10 +0200 Roland Smith <rsm...@xs4all.nl> wrote:
> Or if you have the case of a 'known-plaintext' attack. It happens > more often than you would think: > [http://en.wikipedia.org/wiki/Known-plaintext_attack] > Note that using a random salt would be a good protection against such > an attack! Only if the passphrase is weak. If you don't use salt you can pre-compute a table that maps weak passphrases to a few bytes of of the ciphertext of a known plaintext first block. But if that passphrase contains sufficient entropy it's no cheaper than a brute-force attack against the cipher. A cipher that can't withstand that isn't worth using. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"