--
On 21 Oct 2002 at 7:03, William Bartholomew wrote:
> This is a general crypto question but not Crypto++ specific
> so I hope nobody minds (is there a better mailing list for
> crypto questions?).
>
> When hashing passwords to store in a database for a user
> login system I've heard many recommendations that you should
> prepend a salt onto the beginning of the clear-text. Just a
> couple of questions regarding this:
>
> 1. What is the primary reason to do this
Birthday attack.
Suppose the adversary gets your file containing ten thousand
hashes of passwords.
He then randomly generates a huge number of passwords until one
of his hashes matches one of your hashes.
> 2. Should the salt be different for each user?
Yes.
> 3. Do you just store the salt in clear-text with the user
> record?
Yes.
> 4. What length salt would be suitable for most purposes?
Sufficiently long that two passwords rarely get the same salt.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
jGBtdsUhY8E6VEyfCmeUcpHjypIRiWZVQ4fZKupy
45JqFI2KvGhkGxj4PhJBFgz5TudBsre4DiLxGTNnz
*
