article

In cryptography, a salt consists of random bits used as one of the inputs to a key derivation function. Sometimes the IV, a previously generated (preferably random) value, is used as a salt. The other input is usually a password or passphrase. The output of the key derivation function is often stored as the encrypted version of the password. It can also be used as a key for use in a cipher or other cryptographic algorithm. A salt value is typically used in a hash function.

The salt value may or may not be protected as a secret. In either case the additional salt data makes it more difficult to conduct a dictionary attack using pre-encryption of dictionary entries, as each bit of salt used doubles the amount of storage and computation required.

In some protocols, the salt is transmitted in the clear with the encrypted data, sometimes along with the number of iterations used in generating the key (for key strengthening). Cryptographic protocols that use salts include SSL and Ciphersaber.

Early Unix systems used a 12-bit salt, but modern implementations use more.

Salt is very closely related to the concept of nonce.

Why salt password hashes?

In the classic Unix passwd file, passwords are stored as a hash with a two-character salt prepended. The passwd file is public knowledge to all users of the system; it needs to be readable so that users' tools can look up usernames and other information about other users. The security of passwords is protected only by the hash function that encrypts them.

A salt is used chiefly for one particular reason: Two users might choose the same string as their password. Without a salt, this password would be stored as the same hash string. This would disclose the fact that the two users have the same password, allowing each user to access the other's account. By salting the password hashes with two random characters, even if two users choose the same password, they cannot discover that they have done so by reading the passwd file.

The modern shadow password system, in which password hashes and other security information are stored in a non-public file, largely obsoletes these concerns.

See also

External links

Cryptography

Salz (Kryptologie) | Salt (cryptografie)

 

This article is licensed under the GNU Free Documentation License. It uses material from the "Salt (cryptography)".

Home Pageartsbusinesscomputersgameshealthhospitalshomekids & teensnewsphysiciansrecreationreferenceregionalscienceshoppingsocietysportsworld