WebApp Sec mailing list archives
Re: Salt Storage - web.config or database?
From: Steve Barnet <steve.barnet () icecube wisc edu>
Date: Wed, 07 Jun 2006 09:20:30 -0500
Hi James, James Pujals wrote:
steve.barnet () icecube wisc edu wrote:This is not necessary, and may well be undesirable. This does very little to improve security and creates more complexity and more failure modes. Salting does nothing more than ensure that identical passwords with different salts hash to different values. This solves a few very narrow attacks: 1) Precomputed dictionary attacks. If an attacker wants to precompute a list of password hashes for later comparison with stolen hashes, they must now compute the hashes for the number of words * number of hash values instead of a single hash for each password.
This should read "number of words * number of _salt_ values" My bad.
2) Identical passwords hash to different values. If you break a particular password hash, you cannot do a trivial comparison with hashes using a different salt to find other usernames which use the same password. 3) Same password used on different systems. This is essentially a special case of the # 2. Salting does very little to mitigate an attack on a single password hash.I'm confused. Are you suggesting to not salt the passwords at all prior to hashing?
Oops, that's not what I'm suggesting. Passwords should definitely be salted. What I meant regarding an attack on a single password is that if an attacker has the hash value for a particular account and they are attempting to obtain the password by using a dictionary attack, then the salt increases the time it will take to hash the dictionary of candidate passwords, but that's it. A bad password (eg password) will still be found (eventually). So the value is limited to the amount of time added to the attack. This is a good thing, but it means that salt won't save you; just give you enough time to reach a non-extradition country perhaps. :-) Or more pragmatically, increases the time window for you do remedy the problem (close security hole, change passwords). Probably the biggest win is scenario 2 - the same password hashes to a different value. If an attacker is able to gain one hash, they're very likely to be able to get them all. If that's the case and you don't salt, then you can look for identical passords using a string comparison (the hashes will be identical). Best, ---Steve ------------------------------------------------------------------------- Sponsored by: WatchfireWatchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. Change the way you think about application security testing - See for yourself. Download a Free Trial of AppScan 6.0 today!
https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF --------------------------------------------------------------------------
Current thread:
- Salt Storage - web.config or database? cynthia . peluso (Jun 02)
- Re: Salt Storage - web.config or database? Dean H. Saxe (Jun 02)
- RE: Salt Storage - web.config or database? Wall, Kevin (Jun 03)
- Re: Salt Storage - web.config or database? Adam Tuliper (Jun 03)
- RE: Salt Storage - web.config or database? Burke, Charles (Jun 04)
- Re: Salt Storage - web.config or database? Steve Barnet (Jun 07)
- RE: Salt Storage - web.config or database? James Pujals (Jun 07)
- Re: Salt Storage - web.config or database? Steve Barnet (Jun 07)
- RE: Salt Storage - web.config or database? James Pujals (Jun 07)
- <Possible follow-ups>
- RE: Salt Storage - web.config or database? Martin O'Neal (Jun 04)