Pad identification with full checksum length

kfogel / OneTime

An open source encryption program that uses the "one-time pad" method.

http://red-bean.com/onetime

32 stars 14 forks source link

Closed Translator712 closed 9 months ago

Translator712 commented 7 years ago

imho it is a security risk to publish the full checksum of the used pad.

normaly it is enough to check the last 5-10 chars of it. I have never seen two nearly similar md5sums for example. Could you change it?

kfogel commented 9 months ago