[Discuss] salt question

[warlord at MIT.EDU (Derek Atkins)]

"Eric Chadbourne" <eric.chadbourne at gmail.com> writes:

> Hi,
>
> I have a basic question about salt.
>
> I was reading this:
> http://www.openwall.com/articles/PHP-Users-Passwords
>
> And don't quite understand this line:
> "Salts are normally stored along with the hashes. They are not secret."
>
> So if they are not secret what is the advantage if your site is
> exploited?  Such as if the salt is stored in a config file couldn't
> the attacker utilize this with his rainbow tables?  Also I see in PHP
> crypt() you don't have to supply a salt.  How does that work?  Is
> there a distinct salt per hash, and if yes, where is this stored?
>
> I have a log in system I wrote myself with sha1 but from everything
> I've been reading this seems inadequate.

The advantage is that it prevents certain types of dictionary attacks.
It does this because the same password generates a different hash when
hashed with different salts.  So if you and I both use password xxxxxx
they wont hash to the same target in the database.  So if someone gets a
copy of the database they wont be able to see that you and I have the
same password.  Moreover, they wont be able to quickly see that you
happen to use the same password on a dozen different sites, because each
salt would be different so the hashes would all be different.

In general the salt is unique per user.  A global salt would at least
help across multiple sites on different services.  If you don't use a
salt then it's a direct hash of your password, which would be the same
as if there were a globally constant salt.

> Thanks for any tips!

Hope this helped?

> --
> Eric Chadbourne
> http://theMnemeProject.org/

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord at MIT.EDU                        PGP key available