Heray-Was-Here
Server : Apache
System : Linux vps103298.mylogin.co 4.18.0-513.11.1.el8_9.x86_64 #1 SMP Wed Jan 17 02:00:40 EST 2024 x86_64
User : calvet ( 273824)
PHP Version : 7.4.33
Disable Function : NONE
Directory :  /usr/share/doc/libmcrypt-devel/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //usr/share/doc/libmcrypt-devel/README.key
Mcrypt 2.1 was insecure (vulnerable to brute force attack for weak keys) 
because it just used the plainkey as it was given by the user as algorithm's
key. The solution seems to be a function which tranforms the
key given by the user to a real -random looking- key. 

There are many functions that may convert a password or a passphrase to
a key. Most of them use hash algorithms. You can find some implementations
at the libmhash package at: http://mhash.sourceforge.net

Hry