----- Original Message ----- > From: Swair Mehta <swairme...@gmail.com> > To: "openssl-users@openssl.org" <openssl-users@openssl.org> > Cc: > Sent: Friday, August 16, 2013 3:46 PM > Subject: Re: How to securely encrypt identical files to identical ciphertext? > > On 16-Aug-2013, at 7:49 AM, Unga <unga...@yahoo.com> wrote: > >> Hi all >> >> I have a requirement to encrypt files, in such a way identical files should > generate identical ciphertexts. >> >> I plan to use aes-256-cbc cipher with 128-byte long non-guessable password > per input file. Identical input files will be provided with identical > passwords. >> >> 1. Is it no salt the way forward for me? >> >> > Identical salts(ivs) should work. No salt works as well. > > Not sure what the requirement is here. The very point of crypto is > that u dont leak any info at any cost. >
Hi Thanks for the reply. The only info leak or known may be that my encryption generates identical cipher texts for identical files, and the pain text file is not known and the password also not known. I'm using very long non-guessable per file unique passwords. If by some luck find a password, it can only be used to decrypt one file, not any other file. So my question is, if I use no salt, does it become any less secure? Unga ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
