[cs631apue] HW5 - Storing the salt value
Jan Schaumann
jschauma at stevens.edu
Sun Dec 8 14:13:05 EST 2013
lbustama <lbustama at stevens.edu> wrote:
> With my current implementation, the user has to provide the salt both
> when encrypting and decrypting.
>
> Would it make sense to store the salt with he encrypted output? and is
> it required?
Yes and no.
Storing the sal with the encrypted output is reasonable and commonly
done. The drawback is that this requires you to define a specific
format (even if the format is only "the first N bytes are the salt"),
which means that the tool wouldn't be compatible with other tools not
implementing this specific format.
You may choose to see how openssl(1) does this and consider using the
same format, so that your tool can decrypt data encrypted via
openssl enc -aes-256-cbc -in file -out file.enc -S CAFEFACEDEADBEEF
./aed -d <file.enc
However, doing this is not required.
-Jan
More information about the cs631apue
mailing list