Re: Salt size

From: Unruh <unruh-spam@xxxxxxxxxxxxxx>
Date: Wed, 16 Jul 2008 21:42:27 GMT

Kless <jonas.esp@xxxxxxxxxxxxxx> writes:

I've been thinking that can been set a salt size according to password
entropy to obtain a security level choosen of 128-bits or 64 bits.

No. The salt is common knowledge. It cannot change the security level.

On Jul 16, 3:49=A0pm, Unruh <unruh-s...@xxxxxxxxxxxxxx> wrote:

OK, then as I have said, the salt is there to prevent precompiled
dictionary attacks on your system. 128 bit salt is way overkill.
It also does no harm. Even the 12 bits of the unix crypt
password helps a lot.
Decide for yourself.

References:
- Salt size
  - From: Kless
- Re: Salt size
  - From: Unruh
- Re: Salt size
  - From: Kless
- Re: Salt size
  - From: Unruh
- Re: Salt size
  - From: Kless
- Re: Salt size
  - From: Unruh
- Re: Salt size
  - From: Kless

Prev by Date: Re: Salt size
Next by Date: I'd like to ask a survey favor...
Previous by thread: Re: Salt size
Next by thread: I'd like to ask a survey favor...
Index(es):
- Date
- Thread

Relevant Pages

Re: Lizard engines and rat engines
... I need to do a lot more reading and thinking about entropy. ... into disorder can be prevented only by the expenditure of free energy. ... Consider a grain of salt. ...
(sci.bio.evolution)
Re: What is encryption in RIP Act?
... Any encryption program worth its salt will produce the same entropy as a randomly chosen sequence. ...
(uk.legal)
Re: Solubility
... S, and since the dissolved salt is more disordered, salts are generally more ... soluble at higher temperatures. ... It is the entropy ...
(sci.chem)
Re: MD5 for passwords
... IV = salt ... store IV ... It will still be insanely fast, but it is easy to prove that the final ... iteration has access to all the entropy, so you'll get at most the entropy ...
(sci.crypt)