[8252] in cryptography@c2.net mail archive
Re: migration paradigm (was: Is PGP broken?)
daemon@ATHENA.MIT.EDU (Ray Dillinger)
Mon Dec 11 01:02:03 2000
Date: Sun, 10 Dec 2000 10:56:27 -0800 (PST)
From: Ray Dillinger <bear@sonic.net>
To: Enzo Michelangeli <em@who.net>
Cc: cryptography@c2.net
In-Reply-To: <008101c06295$3aff6880$6000a8c0@em>
Message-ID: <Pine.LNX.4.21.0012101049300.9244-100000@bolt.sonic.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Sun, 10 Dec 2000, Enzo Michelangeli wrote:
>> A more important problem with passphrase-based keys is collisions -
>> two people picking wimpy passwords can end up with the same keys.
>
>Salt should take care of this (as well as reducing the effectiveness
>of dictionary attacks).

There are times and places where you can use salt, and times and places
where you can't. In order to use salt with a passphrase, you have to
store it somewhere. And that means that a person who has only the
ciphertext and the passphrase cannot decrypt. If you use salt, then
the ciphertext can be decrypted only in an environment where that
particular salt is available. That makes it nearly useless for
networks or backups.

Bear
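
The trade-off discussed in this exchange, as an added example that is not part of the original message: an unsalted passphrase key is identical for equal passphrases, while a salted key makes the salt a required input at decryption time. Carrying the salt in a header of the ciphertext blob, the blob layout, the iteration count and the HMAC-based keystream are all assumptions of this example.

```python
import hashlib
import hmac
import os

SALT_LEN = 16
ITERATIONS = 100_000  # constructed work factor for this example

def unsalted_key(passphrase: str) -> bytes:
    # Depends on the passphrase alone: equal passphrases give equal keys.
    return hashlib.sha256(passphrase.encode()).digest()

def salted_keys(passphrase: str, salt: bytes) -> tuple:
    # PBKDF2-HMAC-SHA256; the salt is a second required input.
    k = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=64)
    return k[:32], k[32:]  # (encryption key, MAC key)

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Illustrative keystream (HMAC-SHA256 in counter mode), not a vetted cipher.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def encrypt(passphrase: str, plaintext: bytes) -> bytes:
    # Constructed blob layout: salt || tag || body. The salt is not secret.
    salt = os.urandom(SALT_LEN)
    enc_key, mac_key = salted_keys(passphrase, salt)
    body = _xor_stream(enc_key, plaintext)
    tag = hmac.new(mac_key, salt + body, hashlib.sha256).digest()
    return salt + tag + body

def decrypt(passphrase: str, blob: bytes) -> bytes:
    salt, tag, body = blob[:SALT_LEN], blob[SALT_LEN:SALT_LEN + 32], blob[SALT_LEN + 32:]
    enc_key, mac_key = salted_keys(passphrase, salt)
    expected = hmac.new(mac_key, salt + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong passphrase, wrong salt, or modified blob")
    return _xor_stream(enc_key, body)

if __name__ == "__main__":
    # Constructed sample passphrase and record.
    print(unsalted_key("hunter2") == unsalted_key("hunter2"))
    blob = encrypt("hunter2", b"constructed sample backup record")
    print(decrypt("hunter2", blob))
```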