Re: Importance of salt

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 09/15/05


Date: Thu, 15 Sep 2005 06:14:27 -0700

Hello vla10d@gmail.com,

first of all - you are mixing some terms here

Encryption - the term salt isn't commonly used here, you may think of an
IV (initialization vector) which is used to start a feedback chain when using
CBC.

but i think you really mean hashing (e.g. for passwords) -

salted hashes are : H(salt+password)

reasons for salting

a) you are not leaking information, e.g. if alice and bob have the same password
- the resulting hash would be the same - not with salted hashes
b) there are tables of pre-computed hashes, so e.g. you encounter a hashed
password of "HJK)((bbnmm" - all you have to do is, look up that table for
the hash and retrieve the clear text value. If you use salted hashes, you
cannot use pre-computed tables, but have to calculate the hash on each try.
this takes time.

By using PasswordDeriveBytes with a high iteration count, you even raise
the bar

a) the attacker does not know the iteration count from looking at the hash
b) it takes even longer now to mount brute force/dictionary attacks - say
a simple hash needs 1 ms - and an iterated hash 1 s to calculate - this makes
password guessing really infeasible

this all depends of course on the password complexity and the computing power
the attacker has at his disposal.

you are basically buying time.

That said - go for salted, iterated hashes by using PasswordDeriveBytes -
or even better the new .NET 2.0 Rfc2898DeriveBytes class.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hello,
>
> I have one question regarding the importance of salt in encryption.
>
> As I understand, the salt is used to prevent dictionary attacks. Also,
> it is recommended that the salt isn't always the same, and that it
> should be randomly generated for each message. This random salt should
> then be stored in the encrypted message, as a prefix for example, so
> that it could be retrieved during the decryption.
>
> Now, I don't understand how this helps with dictionary attacks? For
> example, if the attacker knows that the first 8 bytes for example are
> salt, can't he simply modify his attacking program to include that
> salt for each word he retrieves from the dictionary? The assumption
> here is that the attacker gets access to the original encryption
> software as well as the message.
>
> Secondly, can someone explain how do the increased iterations in
> PasswordDeriveBytes help?
>
> Thanks for your help,
>
> V.
>
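
Added example, not part of the original post or thread: a Python illustration of the points in the reply above, using hashlib.pbkdf2_hmac, which computes the same RFC 2898 PBKDF2-HMAC-SHA1 construction that Rfc2898DeriveBytes implements. The word list, the iteration count and the record layout are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000                       # assumed work factor; tune to your hardware
WORDS = ["letmein", "sunshine", "dragon"]  # constructed sample word list

def unsalted(password):
    """Plain H(password): identical passwords give identical hashes."""
    return hashlib.sha1(password.encode()).hexdigest()

def make_record(password, iterations=ITERATIONS):
    """Salted, iterated hash (PBKDF2-HMAC-SHA1) with a fresh random salt."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha1", password.encode(), salt, iterations, 20)
    return {"salt": salt, "iterations": iterations, "hash": dk}

def verify(password, record):
    """Recompute with the stored salt and count; compare in constant time."""
    dk = hashlib.pbkdf2_hmac("sha1", password.encode(), record["salt"],
                             record["iterations"], len(record["hash"]))
    return hmac.compare_digest(dk, record["hash"])

def table_lookup(stored_hex, table):
    """What a precomputed table offers: one dictionary lookup, no hashing."""
    return table.get(stored_hex)

def demo():
    # Built once, reusable against every unsalted hash ever stored.
    table = {unsalted(w): w for w in WORDS}
    alice_plain, bob_plain = unsalted("sunshine"), unsalted("sunshine")
    alice, bob = make_record("sunshine"), make_record("sunshine")
    return {
        "plain_equal": alice_plain == bob_plain,           # leaks shared password
        "plain_found": table_lookup(alice_plain, table),   # recovered by lookup
        "salted_equal": alice["hash"] == bob["hash"],      # salts differ
        "salted_found": table_lookup(alice["hash"].hex(), table),
        "verify_ok": verify("sunshine", alice),
        "verify_bad": verify("dragon", alice),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

In this record layout the salt and iteration count are stored beside the hash, so anyone holding the record can still guess, but every guess costs ITERATIONS HMAC rounds and the work has to be repeated for each account's salt.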


