I understand that salts make the same password hash to different values. However, salts are usually stored in the database with the password. So let's say I am an attacker, here is how I might use a dictionary attack against a salt (note in this example I don't write out 128 bit hashes or salts for the sake of brevity):
```
user_pw = 'blowfish'

Given:
email = '[email protected]'
hash = '1234567890'
salt = '0987654321'

function attack(){
  for each(word in dictionary)
    md5( word * salt ) == hash ? cracked_one(email, word)
}
```
I understand this prevents hackers from using rainbow tables...but doesn't seem to prevent dictionary attacks. I guess you could add something else to the hash algorithm, but with security we must assume that the method of attack is known.
So it seems that salting prevents hackers from figuring out which passwords are likely to be dictionary passwords (ones that multiple users have) and prevents rainbow attacks...but does not prevent dictionary attacks.
Is this a correct analysis? Any suggestions for better security?
Thanks!
Salt doesn't prevent dictionary attacks, just precalculated dictionary attacks. In particular, it protects against rainbow tables (http://en.wikipedia.org/wiki/Rainbow_table) and also ensures that cracking one user's password doesn't automatically let you crack any user who shares that password.
The article I linked to mentions some ways to improve upon salting, including key strengthening (http://en.wikipedia.org/wiki/Key_strengthening).
Nothing keeps an attacker from just guessing the password.
Salts just make it harder by forcing an attacker to hash the dictionary on a per-user (effectively, per-salt) basis.
To improve security, a tunable hash function is your best bet. Crank the time-per-hash up, making dictionary attacks impractical on whatever hardware your attacker is likely to have available.
Basically, read this.
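The tunable-hash advice in the answer above, sketched for the storage side as an added example that is not part of the original posts. It assumes PBKDF2-HMAC-SHA256 from Python's standard library as the tunable function (the answer does not name one); the iteration count, the record format and the function names are illustrative assumptions.

```python
import hashlib
import hmac
import os
import time

ALGO = "sha256"
ITERATIONS = 600_000  # assumed work factor; raise it as hardware gets faster


def hash_password(password, iterations=ITERATIONS):
    """Return a self-describing record: scheme$iterations$salt$derived_key."""
    salt = os.urandom(16)  # per-user random salt, stored next to the hash
    dk = hashlib.pbkdf2_hmac(ALGO, password.encode(), salt, iterations)
    return f"pbkdf2_{ALGO}${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password, record):
    """Recompute with the stored salt and cost, compare in constant time."""
    scheme, iterations, salt_hex, dk_hex = record.split("$")
    if scheme != f"pbkdf2_{ALGO}":
        return False
    dk = hashlib.pbkdf2_hmac(ALGO, password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


def needs_rehash(record, iterations=ITERATIONS):
    """True when a record was stored with a lower cost than the current one."""
    return int(record.split("$")[1]) < iterations


def seconds_per_guess(iterations, rounds=3):
    """Average time for one derivation, i.e. the cost of each dictionary word."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for _ in range(rounds):
        hashlib.pbkdf2_hmac(ALGO, b"constructed-sample", salt, iterations)
    return (time.perf_counter() - start) / rounds


if __name__ == "__main__":
    record = hash_password("blowfish")  # sample password from the question
    print(record)
    print("verify:", verify_password("blowfish", record))
    for n in (1, 10_000, ITERATIONS):
        print(f"{n:>7} iterations: {seconds_per_guess(n):.6f} s per guess")
```

Because the cost is stored in each record, `needs_rehash` lets you raise `ITERATIONS` later and upgrade a user's record at their next successful login.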