In cryptography, a salt consists of random bits used as one of the inputs to a key derivation function. Sometimes the initialization vector, a previously generated (preferably random) value, is used as a salt. The other input is usually a password or passphrase. The output of the key derivation function is often stored as the encrypted version of the password. A salt value can also be used as a key for use in a cipher or other cryptographic algorithm. A salt value is typically used in a hash function.
The salt value may, or may not, be protected as a secret. In either case, the additional salt data makes it more difficult to conduct a dictionary attack against, for example, a password file, using pre-encryption of dictionary entries. Each bit of salt used doubles the amount of storage and computation required.
In some protocols, the salt is transmitted as cleartext with the encrypted data, sometimes along with the number of iterations used in generating the key (for key strengthening). Cryptographic protocols which use salts include SSL and CipherSaber.
Early Unix systems used a 12-bit salt, but modern implementations use larger values.
Salt is very closely related to the concept of nonce.
Why salt password hashes? A UNIX example
In the classic UNIX passwd file, passwords are stored as a hash with a two-character salt prepended. The passwd file is publicly readable for all users of the system. It must be readable so user-privileged software tools can find user names and other information. The security of passwords is protected only by the obscuring functions (enciphering or hashing) used for the purpose. The modern shadow password system, in which password hashes and other security information are stored in a non-public file, somewhat mitigates these concerns. However, they remain relevant in multi-server installations which use centralized password management systems to "push" passwords or password hashes to multiple systems. In such installations, the "root" account on each individual system may be treated as less "trusted" than the administrators of the centralized password system, so it remains worthwhile to ensure that the security of the password hashing algorithm, including the generation of unique "salt" values, is adequate.
Salts also help protect against rainbow tables as they, in effect, extend the length and potentially the complexity of the password. If the rainbow tables do not have passwords matching the length (e.g. an 8-byte password and a 2-byte salt is effectively a 10-byte password) and complexity (a non-alphanumeric salt increases the complexity of strictly alphanumeric passwords) of the salted password, then the password will not be found. If found, one will have to remove the salt from the password before it can be used.
Salts also make dictionary attacks and brute-force attacks for cracking a large number of passwords much slower. Without salts, an attacker who is cracking many passwords at the same time only needs to hash each password guess once, and compare it to all the hashes. However, with salts, all the passwords will likely have different salts, so each guess must be hashed separately for each salt, which is much slower since hashing is usually very computationally expensive.
Another (lesser) benefit of a salt is as follows: two users might choose the same string as their password. Without a salt, this password would be stored as the same hash string in the password file. This would disclose the fact that the two users have the same password, allowing each user to access the other's account. By salting the password hashes with two random characters, even if two users choose the same password, they cannot discover that they have done so by reading the passwd file.
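The effects described above can be seen in a small password table. This is an added example, not part of the original article: the record layout (iteration count, salt and hash stored together in the clear), the choice of PBKDF2-HMAC-SHA256, the iteration count and all function names are assumptions of the example.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict

ITERATIONS = 100_000  # assumed work factor for this example
SALT_BYTES = 16       # 128 bits, versus the 12-bit salt of early Unix


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Return 'iterations$salt_hex$hash_hex'; salt and count are stored in clear."""
    if salt is None:
        salt = secrets.token_bytes(SALT_BYTES)  # fresh random salt per password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{iterations}${salt.hex()}${digest.hex()}"


def verify_password(password, record):
    """Recompute the hash with the stored salt and iteration count."""
    try:
        count, salt_hex, hash_hex = record.split("$")
        iterations, salt, expected = int(count), bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)
    except ValueError:
        return False  # malformed record
    if iterations < 1:
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(digest, expected)  # constant-time comparison


def shared_password_groups(table):
    """Users whose stored hash fields are identical, i.e. visibly the same password."""
    by_hash = defaultdict(list)
    for user, record in table.items():
        by_hash[record.split("$")[2]].append(user)
    return sorted(sorted(users) for users in by_hash.values() if len(users) > 1)


def kdf_calls_per_guess(table):
    """Hash computations needed to test one guess against every record."""
    return len({tuple(record.split("$")[:2]) for record in table.values()})


# Constructed sample data: three accounts, two of them with the same password.
PASSWORDS = {"alice": "correct horse", "bob": "correct horse", "carol": "tr0ub4dor"}
FIXED_SALT = bytes(SALT_BYTES)  # one salt for everyone behaves like no salt at all
unsalted = {u: hash_password(p, salt=FIXED_SALT) for u, p in PASSWORDS.items()}
salted = {u: hash_password(p) for u, p in PASSWORDS.items()}
```

With the fixed salt, the table reveals that alice and bob share a password and one hash computation tests a guess against all three accounts; with per-user salts, no sharing is visible and each guess costs one computation per account.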
See also
- Password cracking
- Nonce
- Initialization vector