<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'><div><div><p class=MsoNormal style='margin-bottom:12.0pt'><o:p> </o:p></p><div><p class=MsoNormal>On Tue, Feb 18, 2014 at 12:35 AM, <<a href="mailto:mkobetic@gmail.com" target="_blank">mkobetic@gmail.com</a>> wrote:<o:p></o:p></p><div><p class=MsoNormal> <o:p></o:p></p></div><blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in'><div><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>With stream ciphers (or block cipher in modes that emulate a stream cipher, e.g. OFB, CTR) you absolutely must not reuse the same key to encrypt different data (</span><a href="http://en.wikipedia.org/wiki/Stream_cipher_attack" target="_blank"><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>http://en.wikipedia.org/wiki/Stream_cipher_attack</span></a><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>). You could try to devise a way to avoid re-using the exact same key, e.g. generate the encryption key by mixing in a unique id of the field that you're encrypting along with the password, but unless you really know what you're doing, it's quite easy to make a fatal mistake in your design. Best way to do this is to stick with standard solutions. You're trying to use passwords for encryption, so your standard options would be PKCS#5, bcrypt or scrypt.</span><o:p></o:p></p></div></blockquote><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Martin had a fantastic presentation a few years ago at StS (or was it ESUG) where he started off showing slides based on a stock yellow-on-blue Powerpoint template. It was about how to use VisualWorks encryption packages; interesting from a technical point of view, but visually pretty dull. Then he starts demonstrating by selecting regions of his slides and encrypting them on the spot. The encrypted areas were just rectangular holes in the slide filled with noise. Then he selected two regions of the slide, encrypted them with the same key, and xored them together. Despite the overlap of the two regions, you could easily make out the content of the slide. It was the best demonstration of a mathematical concept I've ever seen.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Colin<o:p></o:p></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>That’s very cool!<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Ron<o:p></o:p></span></p></div></div></div></div></div></div></body></html>