Re: Values to use for a salt?

From: Adi Kriegisch (adi_at_cg.tuwien.ac.at)
Date: 12/17/03

  • Next message: Michael Wojcik: "RE: Values to use for a salt?"
    To: secprog@securityfocus.com
    Date: Wed, 17 Dec 2003 18:09:41 +0100
    
    

    Hi!

    (I just subscribed and did not follow the whole thread -- so maybe someone
    already gave the same answer?!)

    > Someone suggested recently of using the password as the salt. I have
    > never seen this discussed before, and would like to get opinions of it.
    > What would be wrong with this, especially if it were altered in some way
    > before being used, such as using a simple replacement table to change
    > letters to special characters? This way, the salt would not have to be
    > stored because it would be a derivative of the password. How would this
    > differ from the traditional approach of generating a random salt and
    > storing with the hashed password?
    Using the user's password as salt is not a good idea because, besides
    preventing dictionary attacks, a salt is used to avoid situations where two
    users use the same password, which -- as a hashed password -- is then equal
    as well...

    > Also, how much less secure would it be to use a user ID as the salt
    > instead of a random salt that then has to be stored? I've been thinking
    > about these, but feel I am missing important ideas.
    I still think this is not a good idea:
    users may change passwords but they never change user IDs (at least I have
    never seen an environment where user IDs were changed). So our (imaginary)
    attacker may just prepare his list of hashed passwords and keep it. He just
    needs to compare new (hashed) passwords with this list...
    ...and one more: most systems start with certain user IDs like 100, 500 or
    1000... or use 0 for root... so to me it's obvious how weak this would be...

    best regards,
            Adi Kriegisch

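The two objections above, worked through as an added example (not code from the thread or its participants): a password-derived salt makes shared passwords visible in the stored table, a user-ID salt lets a table precomputed once keep matching after a password change, and a random salt stored beside the hash avoids both. PBKDF2-HMAC-SHA256, the letter-substitution table and the word list are assumptions chosen for the demonstration.

```python
import hashlib
import os

# Added example, not from the original thread. It contrasts the three salt
# choices under discussion: a salt derived from the password, the user ID as
# salt, and a random salt stored beside the hash. PBKDF2-HMAC-SHA256 with a
# low iteration count stands in for whatever hash a real system uses.
ITERATIONS = 10_000
WORDLIST = ["password", "letmein", "hunter2"]  # constructed sample dictionary

def hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def salt_from_password(password: str) -> bytes:
    """The quoted proposal: a fixed letter-to-symbol substitution of the
    password itself, so nothing extra has to be stored."""
    return password.translate(str.maketrans("aeio", "@310")).encode()

def salt_from_uid(uid: int) -> bytes:
    return str(uid).encode()

def store_random(password: str) -> tuple[bytes, bytes]:
    """Traditional scheme: fresh random salt, stored with the verifier."""
    salt = os.urandom(16)
    return salt, hash_pw(password, salt)

def shared_password_visible(password: str) -> bool:
    """Adi's first point: with a password-derived salt, two users who pick
    the same password get identical verifiers in the table."""
    user_a = hash_pw(password, salt_from_password(password))
    user_b = hash_pw(password, salt_from_password(password))
    return user_a == user_b

def shared_password_hidden(password: str) -> bool:
    """With per-user random salts the same password yields different verifiers."""
    return store_random(password)[1] != store_random(password)[1]

def uid_table_survives_change(uid: int) -> bool:
    """Adi's second point: a table precomputed once for a user ID keeps
    matching after that user changes password, since the salt never changes."""
    table = {hash_pw(w, salt_from_uid(uid)): w for w in WORDLIST}
    after_change = hash_pw(WORDLIST[-1], salt_from_uid(uid))
    return table.get(after_change) == WORDLIST[-1]

def random_salt_defeats_table(uid: int) -> bool:
    """The same precomputed table against a random-salted verifier: no hit."""
    table = {hash_pw(w, salt_from_uid(uid)): w for w in WORDLIST}
    return store_random(WORDLIST[-1])[1] not in table
```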

