On Mon, May 31, 2010 at 20:06, Mosh <[email protected]> wrote:
> http://en.wikipedia.org/wiki/Key_strengthening > The salt is a random number concatenated to the password to create a > one time key. Everything else being equal, it makes (slightly) more sense to prefix the salt, not to suffix it. Obviously, this is more important with ciphers than with hashes, but the basic point remains. > This prevents someone from precomputing keys (dictionary), > because the salt is a different in each file. Ideally, the salt would change every time the file is saved. Another trick, especially as there is no integrity control in Vim's encryption, would be to have an ever-changing prefix _within_ the file, perhaps even with unprintable bytecodes. That would make the typical high-speed attacks (only decrypt the first few bytes and go to the next key if you encounter any non-char sequences) a lot harder. On the other hand, this only works for files that are meant for humans and/or that are very liberal when parsing input. Richard -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php
