Salting with hash data
- From: HappyCat <noemail>
- Date: Thu, 28 Feb 2008 13:33:43 -0600
Hello group
I have a need to hash card number data into a log file, such that at a
later point I can use the same hashing algorithm to check if a card number
is in the log file.
I'm aware that rainbow tables would be a useful attack vector on this data,
and so am looking for suggestions to strengthen the data.
My current thought is to salt the hash with data derived from the card
number, so the process would be something like:
md5 the original card number
take first 16 bytes of the md5 as salt
then sha-256 the original card number & salt
My somewhat limited knowledge of rainbow tables suggests that this 'semi-
random' salting would prevent attack via a single rainbow table, as it
makes the reduction function useless. Is this correct?
Are there any suggestions to salting hashes such that each hash uses a
different salt, but (with the known salting method) still allows the data
to be compared at a later point?
Kind regards
HC
.
- Follow-Ups:
- Re: Salting with hash data
- From: Paul Rubin
- Re: Salting with hash data
- Prev by Date: Re: triple algorithms
- Next by Date: Re: Salting with hash data
- Previous by thread: The Green Gate / Arabic Language Learning System
- Next by thread: Re: Salting with hash data
- Index(es):
Relevant Pages
|
|
