Re: Values to use for a salt?
From: Scott Cleven-Mulcahy (scottcm3_at_hotmail.com)
Date: 12/18/03
- Previous message: Eric Knight: "Re: Values to use for a salt?"
- Maybe in reply to: Craig Minton: "Values to use for a salt?"
- Next in thread: Brian Hatch: "Re: Values to use for a salt?"
- Reply: Brian Hatch: "Re: Values to use for a salt?"
- Reply: Marian Ion: "Re: Values to use for a salt?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: secprog@securityfocus.com Date: Wed, 17 Dec 2003 21:57:31 -0600
I think you're missing the point of using salt.
Yes, it helps protect against isolated brute force cracks by further
randomizing a password's hash code, but this is a minor feature. Using the
extended ASCII set in a password serves the same purpose. Regardless, I
certainly wouldn't rely upon salt to improve the quality of an individual's
password.
The importance of using salt is that it protects against hash code
comparing. Ideally, each password is hashed with a different salt value.
When this is done, the hash code of identical passwords is not identical.
One of the problems with LM and NTLM v1 passwords is salt wasn't used. As a
result, once you found one password you knew the password of anyone else
that has the same hash code.
There are other methods that can protect against hash code comparison, but
using larger character sets in a password is not one of them.
On a related note, earlier someone asked if it was advisable to use the
user's account name as the salt value. The answer is no. To be effective,
the salt value should be kept secret. In essence, what we're talking about
are HMACs (hashed method authentication codes). HMACs are only as good as
the secrecy of the key - and account names are not secret.
Depending on the length of time the hash code had to stand up and the value
of the information you're protecting, you could use the account name as
*part* of the key. A common technique is to take some data, hash it, drop
some of the bits and use the remainder as the key. In a highly simplified
example you could use Hash(account name + MAC address + IP address + Date +
Time to the nearest minute), drop enough bits off the end to make it the
right size and that could be the key. Depending on the difficulty in
regenerating the key it may stand up if the key is changed frequently and/or
the data holds little or no value in a short amount of time.
In order to validate the hash code, the validating system computes all hash
values (there are multiple valid keys) for each minute within a window of
time. If any of the codes match the hash code is considered valid. This is
basically what Kerberos does (and is why authentication doesn't work in a
Windows 2000+ network if the time isn't synchronized within 5 minutes).
Hope this helps,
Scott Mulcahy
-----Original Message-----
From: Marian Ion [mailto:marian.ion@e-licitatie.ro]
Sent: Wednesday, December 17, 2003 3:01 AM
To: CraigSecurity@blazemail.com; secprog@securityfocus.com
Subject: Re: Values to use for a salt?
Hi all,
Don't you think using the extended ASCII set will dramatically increase the
performance of any algorithm currently in use? Imagine what a pass like
"|¤W-|[V.|1D-|`â-|Ë3-|%-|F0-| " means for a cracker: (selected from line
22 (I think...) from regedit.exe). Imagine using Unicode characters for keys
.....
Will you still need salt and others?
Marian Ion
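The two mechanisms discussed in the reply above, as an added example that is not part of the original thread: a random per-record salt so that two users with the same password do not share a hash code, and a key derived from the account name plus the current minute that the validator recomputes for every minute in a window. The derivation is keyed with a shared secret (DEMO_SECRET, a constructed placeholder) because a value built only from public inputs would not be a secret key; the MAC and IP address from the post are left out for brevity. All names, inputs and the 5-minute window are assumptions for the demonstration.

```python
import hashlib
import hmac
import os
from datetime import datetime, timedelta, timezone

# ---- Part 1: a per-record salt defeats hash-code comparison ----------------

def hash_password(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Salted, iterated password hash (PBKDF2-HMAC-SHA256 from the stdlib)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)

def enroll(password: str) -> tuple[bytes, bytes]:
    """Draw a fresh random salt for every stored password; return (salt, hash)."""
    salt = os.urandom(16)
    return salt, hash_password(password, salt)

def verify(password: str, salt: bytes, stored: bytes) -> bool:
    """Constant-time comparison of the recomputed hash with the stored one."""
    return hmac.compare_digest(hash_password(password, salt), stored)

def unsalted_hash(password: str) -> bytes:
    """The weak scheme the post criticises: identical passwords, identical hashes."""
    return hashlib.sha256(password.encode("utf-8")).digest()

# ---- Part 2: key from account name + minute, validated over a time window --

DEMO_SECRET = b"constructed-demo-secret-not-for-real-use"  # placeholder
DEMO_NOW = datetime(2003, 12, 17, 21, 57, 31, tzinfo=timezone.utc)  # constructed

def floor_minute(t: datetime) -> datetime:
    return t.replace(second=0, microsecond=0)

def shift(t: datetime, minutes: int) -> datetime:
    """Helper for tests: move a timestamp by a number of minutes."""
    return t + timedelta(minutes=minutes)

def minute_key(account: str, secret: bytes, minute: datetime) -> bytes:
    """Derive a per-minute key from the account name and the clock, keyed with
    the shared secret, then drop the trailing bits as the post describes."""
    stamp = minute.strftime("%Y%m%d%H%M").encode("ascii")
    full = hmac.new(secret, account.encode("utf-8") + stamp, hashlib.sha256).digest()
    return full[:16]  # keep the first 128 bits as the key

def make_code(account: str, secret: bytes, message: bytes, now: datetime) -> str:
    """HMAC of the message under the key for the minute `now` falls in."""
    key = minute_key(account, secret, floor_minute(now))
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def validate_code(account: str, secret: bytes, message: bytes, code: str,
                  now: datetime, window_minutes: int = 5) -> bool:
    """Recompute the code for every minute within +/- window_minutes of the
    validator's own clock and accept if any candidate matches."""
    base = floor_minute(now)
    for offset in range(-window_minutes, window_minutes + 1):
        candidate = make_code(account, secret, message, base + timedelta(minutes=offset))
        if hmac.compare_digest(candidate, code):
            return True
    return False

if __name__ == "__main__":
    s1, h1 = enroll("correct horse")
    s2, h2 = enroll("correct horse")
    print("salted hashes differ:", h1 != h2)
    print("unsalted hashes equal:", unsalted_hash("correct horse") == unsalted_hash("correct horse"))
    code = make_code("alice", DEMO_SECRET, b"ticket", DEMO_NOW)
    print("valid 3 min later:", validate_code("alice", DEMO_SECRET, b"ticket", code, shift(DEMO_NOW, 3)))
    print("valid 6 min later:", validate_code("alice", DEMO_SECRET, b"ticket", code, shift(DEMO_NOW, 6)))
```

A clock skew larger than the window makes every candidate miss, which is the failure mode the post attributes to unsynchronised Kerberos clocks; widening the window buys tolerance at the cost of a longer replay period for a captured code.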