Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How best to generate a random salt for a Web Site?

i'm wanting to generate a random salt value and put it into the Application state.

Now, i'm using a web farm, so the Application state will be different per machine. I don't want to purchase distributed state farm apps, either.

So .. what are some solutions for this? I thought i could hard-code it in the code OR the web.config file .. but that means the same salt for eva .. not very safe.

Anyone have any suggestions?

Remember - i'm after a unique key (eg a guid) that is the same across all machines. Maybe a config file is the only way?

like image 207
Pure.Krome Avatar asked Nov 30 '08 10:11

Pure.Krome


People also ask

Should a password salt be random?

To prevent password attacks, salts must be unique and random for each login. Encrypting password storage at rest can provide additional defense in depth, even if a hacker were able to recalculate hashes of common password lists using a given salt for a password.

How are salt values generated?

According to OWASP Guidelines, a salt is a value generated by a cryptographically secure function that is added to the input of hash functions to create unique hashes for every input, regardless of the input not being unique.

Does salt need to be random?

Salts must be unique. Randomness (with a "good" random generator) is sufficient to ensure uniqueness.

How long should a salt value be?

Every salt should ideally have a long salt value of at least the same length as the output of the hash. If the output of the hash function used is 256 bits or 32 bytes, the length of the salt value should at least be 32 bytes.


1 Answers

If I understand correctly, you want the machines to share a value, and you don't want the value to be the same forever. Ideally you'd prefer not to store it.

So, have the "first" machine generate a random value at startup, (using whatever entropy it can such as /dev/random. If you don't need a secure value, and don't have enough entropy at startup to create one anyway, use the time or whatever), and communicate it to all the others. As new machines join the cluster, they need to be able to find the value from one machine already in the cluster. Machines dropping out make no difference.

Which machine is the "first"? Well, if you can always boot one machine before any others, and give it time to get to the point of generating a value, then you can use the trivial algorithm:

1) Look for other machines. If you find one, ask it the value. 2) If you don't find one, generate the value yourself.

If multiple machines are starting up at once then they need to decide amongst themselves which is the "leader". You could do this by choosing one yourself (e.g. a machine declares itself "leader" as soon as it receives a particular connection via the admin interface: on startup each machine waits until it either gets this connection, or hears from another machine that the other machine is the leader). It's trivial to do automatically on a token ring: the machine with the least MAC address or whatever is leader. But nobody uses token ring any more...

At the opposite extreme of an unreliable network I'm not sure it's even possible, unless all the machines know how many there will be in total (in which case it's just like the token ring, except that they all talk to each other until they've figured out who's the leader). With reliable broadcast, which is what you can assume within reasonable bounds on ethernet, I'm sure there's an optimal algorithm published somewhere, but I forget what it is (if I ever knew). I'd guess that everyone broadcasts who they think the leader is at regular intervals (including their own claim if they've not yet seen a better one). Once you've been listening to that for long enough (approx one interval), you'll know who the leader is, and you can start using the seed.

If the value is a secret, then obviously communication within the cluster must be secure. You might get that for free, depending on the network architecture.

like image 81
Steve Jessop Avatar answered Sep 26 '22 02:09

Steve Jessop