Re: Is there any weakness in adding static/known data (salt) to the password hash
From: Michael Amling (nospam_at_nospam.com)
Date: 07/31/03
- Next message: Simon G Best: "A Question of Permutations of Vectors of Bits"
- Previous message: MacGregor K. Phillips: "Re: random data"
- In reply to: Bryan Olson: "Re: Is there any weakness in adding static/known data (salt) to the password hash"
- Next in thread: Henrick Hellström: "Re: Is there any weakness in adding static/known data (salt) to the password hash"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 31 Jul 2003 04:49:55 GMT
Bryan Olson wrote:
> MacGregor K. Phillips wrote:
>
> > Another area where you can use salt when calculating a SHA1 hash is in
> > registration schemes for programs. I use the person's name, a static phrase,
> > and 96 bytes of random data to calculate a registration number for a
> > program. I encrypt the 96 bytes of random data with an RSA secret key and
> > send it all in one file (the name, registration number, and encrypted data)
> > which the program can read. The program decrypts the encrypted random data
> > with the RSA public key embedded in the program, and then calculates the
> > SHA1 hash from the name, static phrase, and random data, and compares it to
> > the registration number to see if it is authentic.
> >
> > This in effect prevents hackers from creating a program that can generate
> > keys for your program.
>
> The scheme as described above is weak. An attacker can create a
> program that generates 'keys' for any given name.
>
> Get one registration code, run the pseudo-encrypted bytes
> through the public key (embedded in the program) to get the
> original 96 bytes. Given any name, append the static data and
> decrypted bytes, then hash to get a registration code for that
> name.
>
My gosh, you're right. After all the rigmarole with an RSA key pair,
the registration is not actually digitally signed.
--Mike Amling
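As an added illustration that is not part of the thread or either poster's code, the Go program below puts the two checks side by side: the quoted scheme, in which the program recomputes SHA1(name || phrase || random) from inputs it fully holds, and the repaired scheme, in which the vendor signs the registration with the RSA private key and the program only verifies with the embedded public key. The static phrase, the 96 sample bytes and the freshly generated 2048-bit key are constructed for the example; the "encryption" of the random bytes is omitted because, as Bryan Olson notes, the program undoes it anyway and it adds nothing to the check.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// staticPhrase stands in for the "static phrase" from the thread (constructed value).
var staticPhrase = []byte("example-static-phrase")

// WeakRegistration models the quoted scheme. Whether Random travels "encrypted"
// under the private key is irrelevant: the program recovers it with the embedded
// public key, so the verifier always holds every input to the hash.
type WeakRegistration struct {
	Name   string
	Random []byte // the 96 random bytes, as recovered by the program
	Code   []byte // SHA1(name || phrase || random)
}

// weakCode is the registration number exactly as the thread describes it.
func weakCode(name string, random []byte) []byte {
	h := sha1.New()
	h.Write([]byte(name))
	h.Write(staticPhrase)
	h.Write(random)
	return h.Sum(nil)
}

// weakVerify is what the program does. No secret takes part in this check.
func weakVerify(r WeakRegistration) bool {
	return bytes.Equal(weakCode(r.Name, r.Random), r.Code)
}

// codeForAnyName is Bryan Olson's observation in code: once one registration has
// been seen, the same public inputs yield a code weakVerify accepts for any name.
func codeForAnyName(seen WeakRegistration, name string) WeakRegistration {
	return WeakRegistration{Name: name, Random: seen.Random, Code: weakCode(name, seen.Random)}
}

// SignedRegistration is the repaired form: the issuer signs the name and the
// random bytes; the program checks the signature instead of recomputing a hash.
type SignedRegistration struct {
	Name      string
	Random    []byte
	Signature []byte
}

// registrationMessage length-prefixes each field so that shifting bytes between
// the name and the phrase cannot produce the same message under concatenation.
func registrationMessage(name string, random []byte) []byte {
	var buf bytes.Buffer
	var n [4]byte
	for _, field := range [][]byte{[]byte(name), staticPhrase, random} {
		binary.BigEndian.PutUint32(n[:], uint32(len(field)))
		buf.Write(n[:])
		buf.Write(field)
	}
	return buf.Bytes()
}

// newIssuerKey generates the vendor's key pair (constructed for the example).
func newIssuerKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// issueSigned runs on the vendor's side and needs the private key.
func issueSigned(priv *rsa.PrivateKey, name string, random []byte) (SignedRegistration, error) {
	digest := sha256.Sum256(registrationMessage(name, random))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return SignedRegistration{}, err
	}
	return SignedRegistration{Name: name, Random: random, Signature: sig}, nil
}

// verifySigned runs inside the program with only the public key embedded.
func verifySigned(pub *rsa.PublicKey, r SignedRegistration) bool {
	digest := sha256.Sum256(registrationMessage(r.Name, r.Random))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], r.Signature) == nil
}

func main() {
	random := make([]byte, 96)
	if _, err := rand.Read(random); err != nil {
		panic(err)
	}
	genuine := WeakRegistration{Name: "Alice", Random: random, Code: weakCode("Alice", random)}
	fmt.Println("weak: genuine accepted  ", weakVerify(genuine))
	fmt.Println("weak: keyless code accepted", weakVerify(codeForAnyName(genuine, "Mallory")))

	priv, err := newIssuerKey()
	if err != nil {
		panic(err)
	}
	reg, _ := issueSigned(priv, "Alice", random)
	fmt.Println("signed: genuine accepted", verifySigned(&priv.PublicKey, reg))
	reg.Name = "Mallory"
	fmt.Println("signed: altered name accepted", verifySigned(&priv.PublicKey, reg))
}
```

The weak check answers true in both cases because the program has the name, the phrase and the random bytes, and a hash over public data is not a signature. The signed check fails as soon as the name changes, because producing a new signature needs the private key the program does not contain. The length prefixes in registrationMessage are a detail the thread does not discuss but one a careful implementer wants, since a plain concatenation leaves the boundary between name and phrase ambiguous.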