On Wed, May 20, 2009 at 2:55 PM, Jonathan Yu <jonathan.i...@gmail.com> wrote:

> Bill:
>
> To clarify why a salt is necessary, consider the classic time-space
> tradeoff. Let's say I know that your password is exactly 8 characters
> long and I know all of the possible characters it could be. So let's
> say it's alphanumeric (a-z, A-Z, 0-9, hyphen, period, underscore) -
> that's 26+26+10+3 = 65 possible combinations per character.
>
> Then you'd only have to generate a hash 65^8 = 318644812890625 times,
> which for faster computers these days shouldn't take too long. Still,
> it takes a lot of time, so you can store it all in a database (i.e.,
> Rainbow Table). So if you map a bunch of arbitrary plaintexts and
> calculate their hash, you can look up the hash and figure out what
> text was used to generate that hash. Thus, you've either figured out
> the password or an MD5 collision thereof; in either case, you'll be
> able to log in.
>
> There are web sites that specialize in that sort of thing. So having a
> 2-byte salt can really help stop those attacks, or at least make the
> amount of space needed infeasible (since every different 2 character
> salt will require you to generate an entirely different rainbow
> table).
>
> For most uses it's probably unnecessary; however, if you can harden
> security with just a few extra lines of code, why not?
>

Yeah, but how would you get the MD5 hash without already having access to
the database behind the web site, in which case the farm has already been
given away?  Still, it's not hard to add.
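
Added example, not part of either message: a plain precomputed lookup table (a simpler stand-in for a chained rainbow table) over a constructed 3-letter password space, showing that a table built without the salt misses a salted MD5 hash and that one full table is needed per salt value. The PBKDF2 storage functions, the 16-byte salt and the iteration count are assumptions added here for contrast with bare MD5.

```python
import hashlib
import hmac
import itertools
import os

# Constructed toy space (3 lowercase letters) so the table builds instantly;
# the 8-character, 65-symbol space from the message behaves the same at scale.
ALPHABET = "abcdefghijklmnopqrstuvwxyz"
LENGTH = 3
ITERATIONS = 600_000  # assumed work factor, tune for your hardware


def md5_hex(data):
    return hashlib.md5(data.encode()).hexdigest()


def build_table(salt=""):
    """Precompute hash -> plaintext for every candidate under one fixed salt."""
    words = ("".join(c) for c in itertools.product(ALPHABET, repeat=LENGTH))
    return {md5_hex(salt + w): w for w in words}


def tables_needed(salt_alphabet_size, salt_length):
    """A separate full table is required for each distinct salt value."""
    return salt_alphabet_size ** salt_length


def hash_password(password, salt=None):
    """Random per-user salt plus a slow KDF instead of a single MD5 pass."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_password(password, salt, expected):
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)  # constant-time comparison
```
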
