lists.openwall.net - Open Source and information security mailing list archives
Message-ID: <20141212033047.29e503db@lambda>
Date: Fri, 12 Dec 2014 03:30:47 +0000
From: Brandon Enright <bmenrigh@...ndonenright.net>
To: Marsh Ray <maray@...rosoft.com>
Cc: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>, bmenrigh@...ndonenright.net
Subject: Re: [PHC] How important is salting really?

On Fri, 12 Dec 2014 01:21:32 +0000
Marsh Ray <maray@...rosoft.com> wrote:

> C. Prevents the trivial determination that two accounts chose
> the same password

There are special cases where this point comes into play. For example, in the recent Adobe breach an unknown "personalization key" (actually an encryption key in this case) was used which made cracking impossible. But, because of a lack of salting (or in this case CBC + random IV) it was still possible to determine the password for a large number of the accounts because the password hints were also leaked. Salting protects against information gleaned from other accounts (like a password hint) being useful.

I think *everyone* should be using a personalization key with whatever hashing scheme they pick because without the personalization key a database leak is nearly harmless. If the personalization key leaks with the database then it degrades to as though a key wasn't in use. That is, a personalization key is sometimes better, never worse. But, without password salting a personalization key isn't as effective due specifically to Marsh's point C.

Brandon
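As an added illustration of Marsh's point C as Brandon applies it to the Adobe hint leak (example code written for this page, not part of the thread), the script below stores a keyed hash of each password with and without a per-user salt and then groups the leaked hints by stored hash value. The accounts, hints and personalization key are all constructed values, and HMAC-SHA256 stands in for whatever keyed password-hashing scheme a site would actually deploy.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Constructed sample accounts: three users chose the same password, and every
# record carries a (leaked) password hint, as in the Adobe case described above.
ACCOUNTS = [
    ("alice", "correct horse", "xkcd comic"),
    ("bob", "correct horse", "the famous one"),
    ("carol", "correct horse", "horse battery"),
    ("dave", "hunter2", "irc joke"),
    ("erin", "s3cret!", "my usual"),
]

# Server-side personalization key (pepper). Constructed value; in practice it
# lives outside the credential database (HSM, KMS, separate config file).
PEPPER = b"demo-personalization-key"


def keyed_hash(password: str, pepper: bytes, salt: bytes = b"") -> str:
    """HMAC-SHA256 of salt||password under the personalization key.

    A stand-in for any keyed password-hashing scheme; a real deployment
    would use a memory-hard password hashing function with a pepper.
    """
    return hmac.new(pepper, salt + password.encode(), hashlib.sha256).hexdigest()


def hint_clusters(accounts, pepper: bytes, salted: bool) -> dict:
    """Group leaked hints by stored hash value.

    Without per-user salt, equal passwords give equal hashes, so someone
    holding the database (even without the key) can pool every hint written
    for the same password. With a random per-user salt, every record hashes
    differently and each cluster holds a single hint.
    """
    clusters = defaultdict(list)
    for _user, password, hint in accounts:
        salt = os.urandom(16) if salted else b""
        clusters[keyed_hash(password, pepper, salt)].append(hint)
    return dict(clusters)


def largest_cluster(accounts, pepper: bytes, salted: bool) -> int:
    """Size of the largest set of accounts sharing one stored hash value."""
    return max(len(hints) for hints in hint_clusters(accounts, pepper, salted).values())
```

Calling `hint_clusters(ACCOUNTS, PEPPER, salted=False)` shows the three "correct horse" hints pooled under one hash even though the key never leaked; with `salted=True` every cluster has exactly one entry.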