Overview#

Salt is a non-secret, random value that's used to ensure that the same message (often a Password) will not consistently hash to the same output value.[1]

Salt is typically used to prevent precomputation attacks such as Rainbow Tables or dictionary attacks.

Salt is generally appended to the clear-text password, which is then encoded using the desired message digest algorithm; the clear-text Salt is then appended to the message digest, and the resulting value is Base64-encoded. This makes it possible to recover the salt from the stored value so that it can be used to determine whether a user-supplied password is correct.

Crypt uses a relatively weak 12-bit Salt, which means that there are only 4096 ways of encoding any value. This is a relatively low number, and therefore it is possible to construct dictionaries of every possible encoding for a wide range of values for use in breaking user passwords. Other Password Storage Schemes in OpenDS use a 64-bit Salt, which provides 18446744073709551616 different ways of encoding any one value.
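The encoding and verification steps described above, as an added example (not OpenDS code). SHA-256 is an assumed digest because the page names none, the salt is 64 bits as in the OpenDS schemes mentioned, and the function names are hypothetical.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

DIGEST = hashlib.sha256            # assumption: the page does not name a digest
DIGEST_LEN = DIGEST().digest_size  # 32 bytes for SHA-256
SALT_LEN = 8                       # 64-bit salt


def encode_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return Base64(digest(password || salt) || salt)."""
    if salt is None:
        salt = os.urandom(SALT_LEN)  # fresh random salt for every password
    digest = DIGEST(password.encode("utf-8") + salt).digest()
    # The clear-text salt travels with the digest so it can be recovered later.
    return base64.b64encode(digest + salt).decode("ascii")


def verify_password(password: str, stored: str) -> bool:
    """Split the stored value into digest and salt, then recompute and compare."""
    try:
        raw = base64.b64decode(stored, validate=True)
    except ValueError:               # malformed Base64: treat as a failed match
        return False
    if len(raw) <= DIGEST_LEN:       # no salt bytes after the digest: reject
        return False
    digest, salt = raw[:DIGEST_LEN], raw[DIGEST_LEN:]
    candidate = DIGEST(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


if __name__ == "__main__":
    # Constructed sample password, encoded twice to show the effect of the salt.
    first = encode_password("correct horse")
    second = encode_password("correct horse")
    print(first)
    print(second)
    print("same output:", first == second)
    print("verifies:", verify_password("correct horse", first))
```

The salt defeats precomputed tables only; it does not slow guessing against a single stored value.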

If you Salt#

Salted Password Hashing - Doing it Right [2]

« This page (revision-12) was last changed on 28-Oct-2016 12:03 by jim