[cs631apue] HW5 - Storing the salt value
Tejas Nadkarni
tnadkarn at stevens.edu
Sun Dec 8 15:32:21 EST 2013
Sorry disregard the message
On Sun, Dec 8, 2013 at 3:31 PM, Tejas Nadkarni <tnadkarn at stevens.edu> wrote:
> FYI - I just did a git pull and make. I'm getting 400 Bad Request for
> everything now - for definitely valid stuff.
>
> I haven't made changes recently so might be some of the stuff Luis did.
>
> Luis when you have a chance can you take a look?
>
> Thanks,
> Tejas
>
>
>
> On Sun, Dec 8, 2013 at 2:13 PM, Jan Schaumann <jschauma at stevens.edu>wrote:
>
>> lbustama <lbustama at stevens.edu> wrote:
>>
>> > With my current implementation, the user has to provide the salt both
>> > when encrypting and decrypting.
>> >
>> > Would it make sense to store the salt with he encrypted output? and is
>> > it required?
>>
>> Yes and no.
>>
>> Storing the sal with the encrypted output is reasonable and commonly
>> done. The drawback is that this requires you to define a specific
>> format (even if the format is only "the first N bytes are the salt"),
>> which means that the tool wouldn't be compatible with other tools not
>> implementing this specific format.
>>
>> You may choose to see how openssl(1) does this and consider using the
>> same format, so that your tool can decrypt data encrypted via
>>
>> openssl enc -aes-256-cbc -in file -out file.enc -S CAFEFACEDEADBEEF
>> ./aed -d <file.enc
>>
>> However, doing this is not required.
>>
>> -Jan
>> _______________________________________________
>> cs631apue mailing list
>> cs631apue at lists.stevens.edu
>> https://lists.stevens.edu/mailman/listinfo/cs631apue
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.stevens.edu/pipermail/cs631apue/attachments/20131208/130c7280/attachment.html>
More information about the cs631apue
mailing list