On Sun, 10 Dec 2000, Enzo Michelangeli wrote:

>> A more important problem with passphrase-based keys is collisions -
>> two people picking wimpy passwords can end up with the same keys.
>
>Salt should take care of this (as well as reducing the effectiveness
>of dictionary attacks).

There are times and places where you can use salt, and times and places 
where you can't.  In order to use salt with a passphrase, you have to 
store it somewhere.  And that means that a person who has only the 
ciphertext and the passphrase cannot decrypt.  If you use salt, then 
the ciphertext can be decrypted only in an environment where that 
particular salt is available.  That makes it nearly useless for 
networks or backups.

                                Bear



Reply via email to