Adding salt is a way to increase the strength of file encryption. We know that for an encryption algorithm, the longer the user password, the stronger the encryption (provided the user password is fully utilized). The so-called "salt" is, in effect, a password set by the encryption program. During encryption the program generates several random numbers, which are used as part of the password, together with the user password, to encrypt the file. The salt, that is, the random numbers, is stored in the ciphertext so that it is available for decryption, and it should be stored encrypted in some way, for example by using the CRC value of the user password to encrypt it. If there is no user password, a salted scheme encrypts automatically and, of course, also decrypts automatically, so anyone who has the software needs no password at all. A user password is therefore required.
When files are encrypted with software that has a salt function, encrypting the same file with the same user password yields a different ciphertext each time, because the overall password is different each time. This severely hinders plaintext and ciphertext attacks.
Because the program adds the salt automatically, salting is useless against exhaustive attacks and dictionary attacks. It is only effective against analysis attacks.
[Deep application of adding salt]
Encryption software with a salt function must store the salt value in the ciphertext, so the ciphertext is larger than the plaintext. Can the ciphertext be the same size as the plaintext? This is not difficult. First, the salt can be made of characters that can be typed. During encryption, these characters are displayed to the user. In addition to remembering the user password, the user must remember the salt (a string); both are used for decryption. When decrypting, the user must enter the salt string in addition to the user password. The salt string can be entered together with the user password or in a separate edit box.
The benefits of this solution are:
1) Because the password contains many characters, it is safe against brute-force attacks (the total number of characters in the password must exceed a certain number).
In the original method, adding salt is an automatic behavior of the program, so it presents no obstacle to a brute-force attack. Here it is different: the salt has to be supplied in order to decrypt, and the decryption password = user password + salt string.
2) because the salt value does not exist in the ciphertext, it is safer.
The length of plain text and ciphertext is the same, and the salt string does not exist in the ciphertext, making it easier to know the salt content. However, I don't know whether salt can be used to analyze and crack the password. Since the length of the decryption password is greater than that of the encrypted password, it is futile to make the password too long.
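The two salt schemes described above, as an added Python sketch that is not the page's or any product's own code: a program-generated salt stored with the ciphertext, and a user-remembered salt string that keeps ciphertext and plaintext the same length. PBKDF2 and the HMAC-SHA256 keystream are assumed stand-ins for the unspecified encryption algorithm, the salt is stored unmasked, and all names and sizes are illustrative.

```python
import hashlib
import hmac
import os

SALT_LEN = 16          # assumed salt size in bytes
ITERATIONS = 100_000   # assumed PBKDF2 work factor


def derive_key(password: str, salt: bytes) -> bytes:
    """Combine the user password and the salt into one 32-byte key."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR data with an HMAC-SHA256 counter keystream.

    Applying it twice with the same key returns the original data.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hmac.new(key, counter, hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def encrypt_stored_salt(password: str, plaintext: bytes) -> bytes:
    """Program-generated random salt, stored in front of the ciphertext."""
    salt = os.urandom(SALT_LEN)
    return salt + keystream_xor(derive_key(password, salt), plaintext)


def decrypt_stored_salt(password: str, blob: bytes) -> bytes:
    """Read the salt back from the ciphertext header, then decrypt."""
    salt, body = blob[:SALT_LEN], blob[SALT_LEN:]
    return keystream_xor(derive_key(password, salt), body)


def crypt_user_salt(password: str, salt_string: str, data: bytes) -> bytes:
    """User-remembered salt string: nothing extra is stored, so the
    output has the same length as the input. Encrypts and decrypts."""
    return keystream_xor(derive_key(password, salt_string.encode()), data)
```

With the stored salt, two encryptions of the same file under the same password differ. With the user-entered salt string, identical inputs always give identical ciphertext, so that property is lost unless the salt string changes for each file.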