Re: Password scrambler program
- From: yarrkov@xxxxxxxxx
- Date: Tue, 11 Mar 2008 15:10:53 -0700 (PDT)
On 11 maalis, 18:38, David Eather <eat...@xxxxxxxxxx> wrote:
On 11 maalis, 03:04, David Eather <eat...@xxxxxxxxxx> wrote:
On 10 maalis, 16:29, David Eather <eat...@xxxxxxxxxx> wrote:Salt is normally considered public. No doubt it is stored somewhere as
battles wrote:The program allows using a secret salt with the hash function, which
Just for your interest/discussion. I have found a freeware programIf the program also does what is called password stretching then it has
that quickly changes a user's small, easily remembered password into a
more formidable one. You simply type in a short password into a
password box, highlight it, and then press F8 (any Fn key can be
chosen). The short password is then changed into a salted (you
provide the string to salt it with) MD5 equivalent with the ability to
choose the outcome length (8 - 32). I have a password that I always
use and alter it with the same criteria that I get from each website.
The program can be found here:
some value. With password stretching a source of some entropy (your
password) is sent to a hash function and hashed multiple times - 1000 is
a common number.
works effectively as a key.
So it calculates (basically) H(key+short_password). Finding the key
("salt") is not a trivial problem if it's properly chosen, no matter
how many hash results are known or even if the "short passwords" are
known. Brute-forcing through just possible "short passwords" is not
considered possible (with a strong hash function) unless the key is
known. Brute-force must also go through all keys. It doesn't matter
how weak your "short passwords" are if the main key ("salt") is
unencrypted data, and so not helping at all against some types of attack.
It is only stored locally, I did say "salt" because I'm not sure if
it's a fully accurate description in this case, key would perhaps be
more descriptive. If an attacker has access to it, you have already
lost anyway. I have trouble understanding how the concept of this
would not seem trivially obvious.
If someone is trying to brute force their way into something like a
website or a bank account then the salt helps you regardless of a good
or bad password. If a TLA grabs your computer and you refuse to give
them the password then the salt doesn't help and you are protected only
by the good or bad password. Is that a trivially obvious enough attack
Yes. But from my impression (the URL for the program itself seems to
be dead so I can't check), this program asks for the "salt" when you
run it, as in Tim Smith's method. If you get to view it locally, you
might as well grab, for example, the keys from disk encryption
software as it's running. I don't consider that a very noteworthy
If you get shitty whenever you miss something then it's better you don't
ask the question.
A scheme that works effectively
equivalently would be to encrypt the short password (which can as well
be the site's name, doesn't matter at all if it's known) with your
main key and use the encrypted version as a password for the site. You
can xor the encrypted version with your main password before using it
to make it a hash but it doesn't matter. And you can't make an attack
assume that the attacker has access to the key.
Note: I made an error in claiming xoring the main password to the
encrypted block would make it a hash. You can make it one-way by
xoring the encrypted block with the site name (not that it's of any
- Re: Password scrambler program
- From: David Eather
- Re: Password scrambler program