Date: Thu, 25 Jun 2015 18:44:42 +0000
From: Marsh Ray <maray@...rosoft.com>
To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>
Subject: RE: [PHC] Why protect against side channel attacks

> I'm curious if there was any period of time since the inception of the salt that it was considered "public".

That’s how /etc/passwd got its name. World readable.


-          Marsh


From: ben@...rr.is [mailto:ben@...rr.is] On Behalf Of Ben Harris
Sent: Thursday, June 25, 2015 6:18 AM
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Why protect against side channel attacks


On 25 Jun 2015 9:07 pm, <Stefan.Lucks@...-weimar.de> wrote:
>
> On Thu, 25 Jun 2015, Peter Maxwell wrote:
>
>> You get the idea though: the salt must be secret to avoid an attacker being
>> able to exploit the low dimension of the password space.  Are we assuming
>> the salt as secret?
>
>
> If we would assume the salt to be secret, we should not call it a "salt". To avoid confusion, it would then deserve to be called a "key".

I'm curious if there was any period of time since the inception of the salt that it was considered "public".

But no, the salt is better considered as "sensitive" and treated in the same respect as the password hash.

I guess the outcome of this thread is that side channel resistant candidates are compatible with public salts? For the (limited?) applications that require a public salt?
