"Fossies" - the Fresh Open Source Software Archive
Member "libmcrypt-2.5.8/doc/README.key" (9 Mar 2002, 472 Bytes) of package /linux/privat/old/libmcrypt-2.5.8.tar.gz:
As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard
) with prefixed line numbers.
Alternatively you can here view
the uninterpreted source code file.
1 Mcrypt 2.1 was insecure (vulnerable to brute force attack for weak keys)
2 because it just used the plainkey as it was given by the user as algorithm's
3 key. The solution seems to be a function which tranforms the
4 key given by the user to a real -random looking- key.
6 There are many functions that may convert a password or a passphrase to
7 a key. Most of them use hash algorithms. You can find some implementations
8 at the libmhash package at: http://mhash.sourceforge.net