On May 25, 2009, at 2:00 PM, Roland Smith wrote:
You could use the -S option and specify a constant salt. It might make
the encrypted materials easier to break, though. You can generate a
random salt with openssl as well:
Or you can use the -nosalt option. But as explained in
On Tue, May 26, 2009 at 09:31:25AM -0500, Jeffrey Goldberg wrote:
On May 25, 2009, at 2:00 PM, Roland Smith wrote:
You could use the -S option and specify a constant salt. It might make
the encrypted materials easier to break, though. You can generate a
random salt with openssl as well:
On Tue, 26 May 2009 19:02:10 +0200
Roland Smith rsm...@xs4all.nl wrote:
Or if you have the case of a 'known-plaintext' attack. It happens
more often than you would think:
[http://en.wikipedia.org/wiki/Known-plaintext_attack]
Note that using a random salt would be a good protection against
On Sun, 24 May 2009 22:57:35 -0700
Kelly Jones kelly.terry.jo...@gmail.com wrote:
and was surprised that doing this to identical files yielded different
results. I then realized openssl enc randomly(?) chooses a salt if
you don't supply one.
I want my backups encrypted, but I also want
On Sun, May 24, 2009 at 10:57:35PM -0700, Kelly Jones wrote:
Are there any secure openssl symmetric encryption routines that
*don't* use a salt?
Is it secure to use a random-but-fixed salt (openssl enc -S salt)?
man enc says This option [-salt] should ALWAYS be used [...]
Reason I ask:
On Mon, 25 May 2009 21:00:39 +0200
Roland Smith rsm...@xs4all.nl wrote:
Or you can use the -nosalt option. But as explained in
[http://www.openssl.org/docs/apps/enc.html], using a random salt by
default is a design decision because: Without the -salt option it is
possible to perform
On Mon, May 25, 2009 at 10:06:01PM +0100, RW wrote:
On Mon, 25 May 2009 21:00:39 +0200
Roland Smith rsm...@xs4all.nl wrote:
Or you can use the -nosalt option. But as explained in
[http://www.openssl.org/docs/apps/enc.html], using a random salt by
default is a design decision because:
On Mon, 25 May 2009 23:52:05 +0200
Roland Smith rsm...@xs4all.nl wrote:
On Mon, May 25, 2009 at 10:06:01PM +0100, RW wrote:
On Mon, 25 May 2009 21:00:39 +0200
Roland Smith rsm...@xs4all.nl wrote:
Or you can use the -nosalt option. But as explained in