Salt
in [Cryptography]
|
Prev: Status of cryptography mailing list at Metzdowd?
Next: A pattern found in first 25 million Prime Number sums - using the golden ratio log!
From: Buzz on 23 Feb 2010 22:00 Comparing these 2 things 1) Hashing a X byte Salt & Y Byte Password or 2) Hashing a (X + Y) Byte Password. Will 1 be more secure than 2? If yes, I am not able to understand the reason? Can someone help? Basically, in many cases, I am not able to figure out how a salt helps? Relative newbie to crytography, so please bear with me.
From: Kristian Gj�steen on 24 Feb 2010 03:33 In article <hm24oc$ugm$1(a)news.eternal-september.org>, Buzz <b(a)b.com> wrote: >Comparing these 2 things >1) Hashing a X byte Salt & Y Byte Password > >or > >2) Hashing a (X + Y) Byte Password. or 3) Hashing a Y Byte Password. >Will 1 be more secure than 2? If yes, I am not able >to understand the reason? Can someone help? No, but it will be more secure against 3. >Basically, in many cases, I am not able to figure out >how a salt helps? > >Relative newbie to crytography, so please bear with me. Suppose Y is chosen from a small set. Then it is possible to build a table of password/hash pairs. With that table, you can instantly invert the hashing. Add a sufficiently big salt and it will be impossible to build such a table. To invert the hashing, you now need to search the entire small space. When you are only interested in one password, this doesn't matter. When you are interested in multiple passwords, it does. -- Kristian Gj�steen
From: Buzz on 24 Feb 2010 07:03 "Kristian Gj�steen" <kristiag+news(a)math.ntnu.no> wrote in message news:hm2o9l$bk3$1(a)orkan.itea.ntnu.no... > In article <hm24oc$ugm$1(a)news.eternal-september.org>, Buzz <b(a)b.com> > wrote: >>Comparing these 2 things >>1) Hashing a X byte Salt & Y Byte Password >> >>or >> >>2) Hashing a (X + Y) Byte Password. > > or > > 3) Hashing a Y Byte Password. > >>Will 1 be more secure than 2? If yes, I am not able >>to understand the reason? Can someone help? > > No, but it will be more secure against 3. Yes. I understand that. >>Basically, in many cases, I am not able to figure out >>how a salt helps? >> >>Relative newbie to crytography, so please bear with me. > > Suppose Y is chosen from a small set. Then it is possible to build a > table of password/hash pairs. With that table, you can instantly invert > the hashing. > > Add a sufficiently big salt and it will be impossible to build such > a table. To invert the hashing, you now need to search the entire > small space. So if I understand correctly, the basic purpose of a salt is this. - It would be very inconvinient for a user if you enforce that a password has to be very large - say 20 chars long. - So instead you enforce a 8 char long limit & generate & add a 12 char long salt(per user). You store the user's salted hashed password & the hash at one place. > When you are only interested in one password, this doesn't matter. When > you are interested in multiple passwords, it does. True.
From: Paulo Marques on 24 Feb 2010 10:09 Buzz wrote: > "Kristian Gj�steen" <kristiag+news(a)math.ntnu.no> wrote in message > [...] >> Add a sufficiently big salt and it will be impossible to build such >> a table. To invert the hashing, you now need to search the entire >> small space. > > So if I understand correctly, the basic purpose of a salt is this. > - It would be very inconvinient for a user if you enforce that a password > has to be very large - say 20 chars long. > - So instead you enforce a 8 char long limit & generate & add a 12 char > long salt(per user). You store the user's salted hashed password & the hash > at one place. Don't think in terms of limiting the password size (which is bad), but just user convenience. Memorizing secure passwords is hard on humans. So anything the software can do to increase the security given the same password without more user effort, is always a good thing. This includes at least salting and key stretching. >> When you are only interested in one password, this doesn't matter. When >> you are interested in multiple passwords, it does. > > True. This is true, but remember that even though _you_ might be only interested in one password, someone else might have been interested in another password using the same system, and might already have built the rainbow tables needed to crack the password you want. -- Paulo Marques - www.grupopie.com "To know recursion, you must first know recursion."
From: Buzz on 24 Feb 2010 10:34
"Paulo Marques" <pmarques(a)grupopie.com> wrote in message news:ppadnW2MKODc3BjWnZ2dnUVZ8nWdnZ2d(a)novis.pt... > Buzz wrote: >> "Kristian Gj�steen" <kristiag+news(a)math.ntnu.no> wrote in message >> [...] >>> Add a sufficiently big salt and it will be impossible to build such >>> a table. To invert the hashing, you now need to search the entire >>> small space. >> >> So if I understand correctly, the basic purpose of a salt is this. >> - It would be very inconvinient for a user if you enforce that a password >> has to be very large - say 20 chars long. >> - So instead you enforce a 8 char long limit & generate & add a 12 char >> long salt(per user). You store the user's salted hashed password & the >> hash >> at one place. > > Don't think in terms of limiting the password size (which is bad), but > just user convenience. I was referring to minimum limit, not maximum. I don't think that is bad. If your minimum limit is 8, then using a 8 char password + 4 char salt would offer the same security as if your minimum limit was 12, but more convinient. > > Memorizing secure passwords is hard on humans. So anything the software > can do to increase the security given the same password without more > user effort, is always a good thing. This includes at least salting and > key stretching. What is key stretching? >>> When you are only interested in one password, this doesn't matter. When >>> you are interested in multiple passwords, it does. >> >> True. > > This is true, but remember that even though _you_ might be only > interested in one password, someone else might have been interested in > another password using the same system, and might already have built the > rainbow tables needed to crack the password you want. |