lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Apr 2005 15:25:23 -0400 From: "Mike Fratto" <mfratto@....com> To: "'Jim Knoble'" <jmknoble@...ox.com>, <bugtraq@...urityfocus.com> Subject: RE: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords > I thought the idea of the salt was to aid in expanding the > keyspace. Even though the salt is known (in traditional Unix > passwd/shadow/master.passwd databases, I am pretty sure the intent the salt is to make pre-computation of a dictionaries infeasable due to storage requirements. It doesn't really add to the keyspace because the salt is known and doesn't have to be guessed.
Powered by blists - more mailing lists