On 1/27/07, Don Smith <[EMAIL PROTECTED]> wrote:
I don't see how adding salt to the key can provide more security if the user has chosen a long key with sufficient entropy. For example, if the user used the original -k option and had a truly random 448 bit key, adding the salt would have no advantage, if the salt only affected the key. It could even be a disadvantage, as the 448 bit random key the user chose would be reduced to a 128 bit key with the salt added in.
a lot of people have a hard time generating random keys. in particular, there's a lot of keys that can't be entered with -k, and an enormous number of keys that you'd have a very difficult time entering.
