Date: Sun, 18 Dec 2005 20:18:18 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: salts (was: question-newbi) On Thu, Dec 15, 2005 at 03:13:36PM -0500, John Smith wrote: > Salt is a "random" string that is concatenated with passwords before > being operated on by the hash function. This is a valid, but greatly simplified description. For those who might be interested in a more complete description, here's what I wrote in a private e-mail responding to a similar question: "salts" in general, not necessarily applied to Unix passwords, you may find explained in good books on cryptography. For example, I've just taken my copy of Alfred J. Menezes et al. "Handbook of Applied Cryptography" (780 pages), opened the Index and it has two references for "Salt". The first one is specific to a case that has little to do with passwords (although the concept of "salting" is still the same), while the other one is precisely about password hashing (page 390, "Salting passwords", then, a few pages later, the book covers the traditional DES-based Unix password hashes). The book isn't very new (first published in 1996 I think), so it won't cover modern advances precisely in this area (other Unix password hashes in use nowadays and such), but most of the concepts are old enough. Of course this information may also be found online, in particular in Terry Ritter's collections of commented and well-organized sci.crypt and other online postings: http://www.ciphersbyritter.com and in particular for "salts": http://www.ciphersbyritter.com/NEWS6/SALT.HTM Update: The Alfred J. Menezes et al. book I was referring to in this e-mail is now available for download: http://www.cacr.math.uwaterloo.ca/hac/ Additionally, Owl and other GNU/Linux distributions which have integrated my crypt_blowfish package include this brief explanation of what salts are for in the crypt(3) manual page: All of the hashing methods use salts such that the same key may produce many possible hashes. Proper use of salts may defeat a number of attacks, including: 1. The ability to try candidate passwords against mul- tiple hashes at the price of one. 2. The use of pre-hashed lists of candidate passwords. 3. The ability to determine whether two users (or two accounts of one user) have the same or different passwords without actually having to guess one of the passwords. crypt_blowfish and the manual page (in roff and PostScript formats) is available here: http://www.openwall.com/crypt/ > As I recall windows doesn't use salts. That's correct. -- Alexander Peslyak <solar at openwall.com> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments Was I helpful? Please give your feedback here: http://rate.affero.net/solar
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.