lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAMtf1HsyPDSiFtNkAZxEJ3NRaBTpFPS8CkXwDqsLhawqb_XZSA@mail.gmail.com>
Date: Thu, 25 Jun 2015 21:17:47 +0800
From: Ben Harris <mail@...rr.is>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Why protect against side channel attacks

On 25 Jun 2015 9:07 pm, <Stefan.Lucks@...-weimar.de> wrote:
>
> On Thu, 25 Jun 2015, Peter Maxwell wrote:
>
>> You get the idea though: the salt must be secret to avoid an attacker
being
>> able to exploit the low dimension of the password space.  Are we assuming
>> the salt as secret?
>
>
> If we would assume the salt to be secret, we should not call it a "salt".
To avoid confusion, it would then deserve to be called a "key".

I'm curious if there was any period of time since the inception of the salt
that it was considered "public".

But no, the salt is better considered as "sensitive" and treated in the
same respect as the password hash.

I guess the outcome of this thread is that side channel resistant
candidates are compatible with public salts? For the (limited?)
applications that require a public salt?

Content of type "text/html" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ