On Tue, 26 May 2009 19:02:10 +0200
Roland Smith wrote:
> Or if you have the case of a 'known-plaintext' attack. It happens
> more often than you would think:
> [http://en.wikipedia.org/wiki/Known-plaintext_attack]
> Note that using a random salt would be a good protection against such
> an att
On Tue, May 26, 2009 at 09:31:25AM -0500, Jeffrey Goldberg wrote:
> On May 25, 2009, at 2:00 PM, Roland Smith wrote:
>
> > You could use the -S option and specify a constant salt. It might make
> > the encrypted materials easier to break, though. You can generate a
> > random salt with openssl as
On May 25, 2009, at 2:00 PM, Roland Smith wrote:
You could use the -S option and specify a constant salt. It might make
the encrypted materials easier to break, though. You can generate a
random salt with openssl as well:
Or you can use the -nosalt option. But as explained in
[http://www.open
On Mon, 25 May 2009 23:52:05 +0200
Roland Smith wrote:
> On Mon, May 25, 2009 at 10:06:01PM +0100, RW wrote:
> > On Mon, 25 May 2009 21:00:39 +0200
> > Roland Smith wrote:
> >
> >
> > > Or you can use the -nosalt option. But as explained in
> > > [http://www.openssl.org/docs/apps/enc.html], us
On Mon, May 25, 2009 at 10:06:01PM +0100, RW wrote:
> On Mon, 25 May 2009 21:00:39 +0200
> Roland Smith wrote:
>
>
> > Or you can use the -nosalt option. But as explained in
> > [http://www.openssl.org/docs/apps/enc.html], using a random salt by
> > default is a design decision because: "Without
On Mon, 25 May 2009 21:00:39 +0200
Roland Smith wrote:
> Or you can use the -nosalt option. But as explained in
> [http://www.openssl.org/docs/apps/enc.html], using a random salt by
> default is a design decision because: "Without the -salt option it is
> possible to perform efficient dictionary
On Sun, May 24, 2009 at 10:57:35PM -0700, Kelly Jones wrote:
> Are there any secure openssl symmetric encryption routines that
> *don't* use a salt?
>
> Is it secure to use a random-but-fixed salt (openssl enc -S salt)?
>
> "man enc" says "This option [-salt] should ALWAYS be used [...]"
>
> Rea
On Sun, 24 May 2009 22:57:35 -0700
Kelly Jones wrote:
> and was surprised that doing this to identical files yielded different
> results. I then realized "openssl enc" randomly(?) chooses a salt if
> you don't supply one.
>
> I want my backups encrypted, but I also want identical files to
> enc
