How store salt in distributed environment

Question

I dont know how to use the "salt concept" in my scenario.

Suppose I have a client desktop application that encrypts data for specific users and send it to a remote server. The client application generate a key with PKCS#5, with the user's password and a SALT. The remote desktop must NEVER be in contact with the user's password.

Suppose we generate a random salt for an encryption. The client application can encrypt the data, and sent it to the remote server. If the user try to access his data on another computer, how will it be able to decrypt it since the salt is unknown?

I think that using the same salt all the time (hardcoded in the application) is not a good idea (security by obfuscation is bad).

How can I solve my problem ?

Answer 1

The salt is stored unencrypted along with the encrypted data.

The purpose of a salt is to prevent an attacker from precomputing a dictionary of encrypted passwords. (As in, the attacker spends a year or whatever generating the encrypted form of every word in every language.)

The other purpose of a salt is to make sure that two users will have different encrypted passwords even if their unencrypted passwords are the same.

Neither purpose requires that the salt remain secret.

[update, to elaborate]

See the Wikipedia entry for Salt (cryptography). In particular, read the introductory paragraphs.

The purpose of a salt is to take a non-random input (e.g., user-provided data) and make it random before passing it through a cryptographic function. For this to work, the salt must be randomly generated for each input.

The traditional example is storing encrypted passwords. Most users reliably choose non-random passwords, so without a salt, everyone who chooses "SEKRIT" as a password will wind up with the same encrypted password in the password DB. The solution is to add a random salt before encrypting the password, and then to store it (in plaintext) along with the encrypted password.