Encryption master keys

Discussion in 'privacy technology' started by RockLobster, Jun 11, 2017.

  1. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    877
    I wonder if anyone can explain the reason why encryption products do not derive the encryption key from the users password, but instead, generate a supposedly random key that encrypts/decrypts the data while the users password is only used to encrypt that "master key"?
    It seems to me this system introduces an extra factor of weakness into the process for no apparent gain as we know already there is no such thing as a random number generator only psudo random which is not truly random.
    Moderator, I would appreciate it greatly if you would move this to the privacy technlogy section, I realised too late it does not belong here in the problems section.
     
    Last edited: Jun 11, 2017
Loading...