-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Kiss Gabor (Bitman) wrote: >>> The password is not random therefore every time you encrypt the same >>> plaintext you got the same cryptfile. >> No, you won't. All sound encryption schemes use a bit of random to >> make the resulting ciphertext different. In the easiest case this is >> called a salt and used to stop dictionary attacks. For example, such a >> salt has been used for 25 years or so on all Unix systems to protect >> the login password. >> >>> (The opposite would cause big problems in a disk encryption system. >>> :-) >> No. Different ciphertexts may yield the same plaintext. > > A test speaks for itself: > > $ cat /etc/passwd | aespipe | md5sum Password: > 9220c2e1d5a5a83710d020b04c306c24 - $ cat /etc/passwd | aespipe | md5sum > Password: 9220c2e1d5a5a83710d020b04c306c24 - $ > ?????
Apples and Oranges. Consider: $ gpg --output test1.gpg --encrypt --recipient jeandavid8 [at] verizon [dot] net /etc/passwd $ gpg --output test2.gpg --encrypt --recipient jeandavid8 [at] verizon [dot] net /etc/passwd $ od -c test1.gpg | less 0000000 205 004 016 003 y 037 301 373 022 N 006 c 020 017 376 $ 0000020 353 } _ W \r - 314 030 B 303 z 226 223 340 S 313 0000040 375 0 4 $ ) 254 a \0 377 364 / < ; 222 ( 315 0000060 / 006 213 004 221 264 < a 255 247 B 275 \a 301 264 Q 0000100 203 250 . 257 \0 Q 376 232 312 266 3 . 321 022 b 215 0000120 374 $ 241 ` 256 j D 351 a 246 326 ? 223 313 210 $ 0000140 321 023 032 244 262 273 246 215 - i b > m " 255 313 0000160 035 240 337 230 \v B 327 \r 265 362 255 271 ( ? b 202 0000200 034 332 371 T 250 310 = 223 211 236 304 U 334 206 z ` $ od -c test2.gpg | less 0000000 205 004 016 003 y 037 301 373 022 N 006 c 020 017 376 8 0000020 A 217 B R 377 264 b y 361 X 243 \ 316 x 346 246 0000040 A 016 257 310 Y 032 265 & 022 g 016 327 274 276 364 337 0000060 ) b 211 354 \f 005 354 002 001 224 251 1 ) S \a 266 0000100 + 312 004 " 310 315 354 } A 206 p . 242 332 214 305 0000120 226 T 255 304 d 235 # B 240 \f 020 [ 003 x 023 305 0000140 210 l H 247 1 334 ( 216 6 257 H 314 A 023 323 363 0000160 = 361 9 V U ' c 7 s 247 372 9 306 202 342 203 0000200 l K Y 323 Y z 372 ~ \r \v 270 o J } 272 1 - -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key: 9A2FC99A Registered Machine 241939. /( )\ Shrewsbury, New Jersey http://counter.li.org ^^-^^ 14:25:01 up 1 day, 17:17, 5 users, load average: 4.04, 4.14, 4.22 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFIlfqnPtu2XpovyZoRAo8CAJ9az5lSAAHKT3r1SFAcTow6vu0ACACfeSrU /t2BOHB7rHXejd+5DXK/mCM= =E/Rm -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
