Re: How to encrypt/decrypt a file

"Valery Pryamikov" <valery@xxxxxxxxx> wrote in message news:uV12dpBNGHA.1124@xxxxxxxxxxxxxxxxxxxxxxx

Adding a "salt" is redundant... and even harmful since it is just unnecessary goo that distructs
attention from the real task - secure encryption.

So are you claiming that the salt used in the algorithm behind .NET PasswordDeriveBytes
adds NO useful entropy (or added randomness) and hence is useless?

- Mitch


.

Relevant Pages

  • Re: Hashed PWs more secure than encrypted PWs?
    ... >> If the salt is different, ... MD5 is a message-digest algorithm, ... >this way as opposed to DES? ...
    (comp.security.unix)
  • Re: Hashed PWs more secure than encrypted PWs?
    ... >> If the salt is different, ... MD5 is a message-digest algorithm, ... >this way as opposed to DES? ...
    (comp.security.unix)
  • RE: Can Kerberos be cracked??
    ... Subject: Can Kerberos be cracked?? ... Interesting point about the salt. ... "Finally, where a key is to be derived from a user's password, an algorithm ... compare the results with the known hash. ...
    (Focus-Microsoft)
  • Re: Hash MD5, Sha1 and Length
    ... Salt must always be present, either generated or retrieved form the ... public static String Hash ... // Hash value ... algorithm = new MD5CryptoServiceProvider; ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: [PHP] password hashing and crypt()
    ... recommends to externally create a salt and to store that in a separate ... Do *NOT* let PHP pick the salt for you. ... Now suppose server/host B does NOT have that algorithm installed, ... installed, which means you can do something intelligent (like install ...
    (php.general)
Quantcast