Kelly Jones wrote: > I want to use a random Blowfish key to encrypt files, so I did this: > > dd if=/dev/random of=mykey.bf count=100 bs=100 > > to create a 10K byte mykey.bf file. I can now encrypt foo.txt by doing: > > openssl enc -bf -pass file:mykey.bf -in foo.txt > foo.txt.encrypted > > However, "man enc" says "Blowfish and RC5 algorithms use a 128 bit key." > > Does this mean mykey.bf could've been just 16 bytes (128 bits) long?
Yes. > Or am I misunderstanding the word "key" here? That's how block ciphers work, nothing special here. Keys must be of the size(s) supported by the algorithm. If you read the openssl manual more closely, it says it expects the password file to be a text file, containing lines of text, and the first line will be used for encrypting. It will most likely hash the password thus retrieved into a suitable key for the cipher.
Description: OpenPGP digital signature