[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BY2PR03MB554BA4102AF9144CB656055A7AE0@BY2PR03MB554.namprd03.prod.outlook.com>
Date: Thu, 25 Jun 2015 18:44:42 +0000
From: Marsh Ray <maray@...rosoft.com>
To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>
Subject: RE: [PHC] Why protect against side channel attacks
> I'm curious if there was any period of time since the inception of the salt that it was considered "public".
That’s how /etc/passwd got its name. World readable.
- Marsh
From: ben@...rr.is [mailto:ben@...rr.is] On Behalf Of Ben Harris
Sent: Thursday, June 25, 2015 6:18 AM
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Why protect against side channel attacks
On 25 Jun 2015 9:07 pm, <Stefan.Lucks@...-weimar.de<mailto:Stefan.Lucks@...-weimar.de>> wrote:
>
> On Thu, 25 Jun 2015, Peter Maxwell wrote:
>
>> You get the idea though: the salt must be secret to avoid an attacker being
>> able to exploit the low dimension of the password space. Are we assuming
>> the salt as secret?
>
>
> If we would assume the salt to be secret, we should not call it a "salt". To avoid confusion, it would then deserve to be called a "key".
I'm curious if there was any period of time since the inception of the salt that it was considered "public".
But no, the salt is better considered as "sensitive" and treated in the same respect as the password hash.
I guess the outcome of this thread is that side channel resistant candidates are compatible with public salts? For the (limited?) applications that require a public salt?
Content of type "text/html" skipped
Powered by blists - more mailing lists