Re: Importance of salt

vla10d_at_gmail.com
Date: 09/16/05


Date: 16 Sep 2005 00:53:25 -0700

Precomputed tables... now this really sheds some light. :) I didn't
think about the hashed dictionaries. Okay, I see now how any kind of
salting helps against that kind of dictionary. On the other hand, if
the attacker uses plain dictionaries and computes the hash at runtime
(with my salt), then I can use a high number of iterations to slow him
down a bit. Thanks for the explanation... :)

As for your suggestions... this means that the attacker will first have
to try to decrypt a key by, let's say, a dictionary attack, and for each
attempt (each retrieved key) he has to try to decrypt the entire
message with that key. I'm not sure that this is dramatically better
than the original situation where the attacker tries to generate a key
and use that key to decrypt the message. The only advantage that I see
is that in your case, he will spend a bit more time, since he has to
decrypt twice. At least that's my understanding, please correct me if I'm
wrong... :)

V.
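
An added illustration, not part of the original post: a Python sketch of the two points above, showing that a random per-password salt makes a precomputed hash table miss and that a PBKDF2 iteration count is stored with the record so each runtime guess costs that many HMAC rounds. The word list, iteration count and function names are assumptions made for this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for the example

# Constructed sample word list standing in for a "hashed dictionary".
WORDLIST = ["letmein", "password", "dragon"]


def unsalted_hash(word: str) -> bytes:
    """Plain SHA-256 with no salt: identical for every user of the same word."""
    return hashlib.sha256(word.encode()).digest()


def precomputed_table(words):
    """Built once, reusable against any store of unsalted hashes."""
    return {unsalted_hash(w): w for w in words}


def table_lookup(table, stored: bytes):
    """Return the matching word, or None when the table has no entry."""
    return table.get(stored)


def derive(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Salted, iterated derivation (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def make_record(password: str, iterations: int = ITERATIONS):
    """Store salt and iteration count next to the derived value."""
    salt = os.urandom(16)  # fresh random salt per password
    return salt, iterations, derive(password, salt, iterations)


def verify(password: str, record) -> bool:
    """Recompute with the stored salt and count; compare in constant time."""
    salt, iterations, stored = record
    return hmac.compare_digest(derive(password, salt, iterations), stored)


if __name__ == "__main__":
    table = precomputed_table(WORDLIST)
    print("unsalted lookup:", table_lookup(table, unsalted_hash("password")))
    rec_a, rec_b = make_record("password"), make_record("password")
    print("salted lookup:  ", table_lookup(table, rec_a[2]))
    print("same password, same digest?", rec_a[2] == rec_b[2])
    print("verify correct / wrong:", verify("password", rec_a), verify("dragon", rec_a))
```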


