The encrypted salt

Clear text always has some non-random redundant information, especially documents, reports and other format files. During World War II, the Germans used the Enigma Enigma rotor cipher to encrypt their telegrams, creating a very efficient encryption system at the time. The system brought great trouble to the Allied intelligence work in the early days of the war. Some German periodic reports have a fixed format and pattern, and the fixed elements in these texts are known to the Allies. Turing invented the key analysis machine, which utilizes these fixed components to accelerate the guessing process and to test the results of guessing. The German cryptographic expert is not unaware of this, and the Enigma password machine requires the transmitter to type 3 random characters before they can type in clear text. These three random characters will allow the cipher machine to enter a random initial state, to avoid the fixed-format header output the same ciphertext. Unfortunately, for the sake of convenience, the German transmitters often use fixed three characters such as nnn as scrambling codes, so that the scrambling code that was used to strengthen it became one of the breakthroughs of Allied analysis. Fixed input, so that the output ciphertext is completely controlled by the key. On the one hand, attackers can advance watchmaking to improve real-time analysis speed. On the other hand, it provides the termination condition for the automatic decoding machine, and greatly reduces the analysis workload. For flawed algorithms, this insipid plaintext is even worse.

From the information theory point of view, the formatted fixed header and other redundant information is zero, so the plaintext (plane text) as plain water (plane water) as bland. To prevent this redundancy threat password security in plaintext, we add a random number to the front of the plaintext before encrypting it. This random number makes the same plaintext, and the same key will still output different ciphertext. This random number adds a definite amount of information to plaintext that may be very low in content. This random number makes the plaintext no longer dull, and we call it salt.

Salt participates in cryptographic operations, making the output more elusive. The entropy of the salt determines the amount of variation in the output of the same input case. N-bit long salt, so that a clear text corresponds to 2n of possible ciphertext. Having enough salt will immediately block the look-up attack. The purity of the salt affects the taste, and so does encryption. Pure salt comes from a hard random number generator, which is not always owned by the target device. A qualified pseudo-random number generator, also as a salt source. When evaluating cryptographic performance, the use and source of salt is a matter of concern.

OpenSSL encryption command salt is used in the absence of the capital, and the salt value comes from the random number generator built into OpenSSL. The ENC symmetric encryption command for OpenSSL with the-p parameter, the output salt: The following value is the salt used for this encryption. In the course of the program troubleshooting, the same plaintext corresponding to the random ciphertext is sometimes inconvenient, then we can use the-nosalt option to temporarily close the salt, in order to check our output values and format is expected.

The encrypted salt