From: Tony Kava (securityfocuspottcounty.com)
Date: Tue Dec 16 2003 - 11:18:29 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Someone suggested recently of using the password as the salt. I have
never seen this discussed before, and
> would like to get opinions of it. What would be wrong with this,
especially if it were altered in some way
> before being used, such as using a simple replacement table to change
letters to special characters? This way,
> the salt would not have to be stored because it would be a derivative of
the password. How would this differ
> from the traditional approach of generating a random salt and storing with
the hashed password?

> Also, how much less secure would it be to use a user ID as the salt
instead of a random salt that then has to be
> stored? I've been thinking about these, but feel I am missing important
ideas.

The purpose of storing hashes rather than passwords is of course to prevent
the discover of plain-text passwords if the password file is compromised.
You are correct on why the salt is important as it can delay brute-force
attacks assuming that not every user has the same salt.

Using a salt based on the password would seem like a bad idea to me. If you
store the salt with the hash then you have stored the password in the
password file. If you use a cipher to replace characters then you have used
a weak, reversible form of encryption that can more easily yield the
password than a brute-force attack against the hash.

Even if you were to use only a portion of the password (say two characters)
you would still provide a clue to the cracker, and hence decrease the
keyspace that they will need to search. This is why it is probably best to
use a random salt value so that you can slow the brute-force attack, yet
prevent an attacker from receiving any additional clue to help them find the
plain-text.

--
Tony Kava
Network Administrator
Pottawattamie County, Iowa

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]