Yes, I'm glad Jon brought up the private salt. If you don't store this information in the same data store as where your passwords are stored (e.g. in app configuration or a private config file not easily accessible somewhere), then brute force wouldn't be possible at all until the attacker could also acquire that private salt.
Compromising both could be _extremely_ hard, depending on how your application infrastructure is set up. For example, maybe an attacker could gets access to your data (maybe they were able to get access to a mysql dump file or similar), but they may not be able to get access to the location of the private salt (e.g. maybe its in a file they can't access or in a Chef encrypted data bag, etc). I forgot to mention this - thanks Jon! Best, -- Les Hazlewood | @lhazlewood CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282 On Thu, Apr 18, 2013 at 9:50 AM, jonlinux <[email protected]>wrote: > If you specify the use of a private salt, or set the option to use a public > salt, you will have something similar in your database: > > > $shiro1$SHA-512$475494$w9b57Sqavc3YfrxfUpjtWg==$+Wc4fFL+ZnrjrxCGNIRP5fsIYJqc1X8Vj7IInxntrIi0bGjJ4RMJt80Crqeh5RFwt5qgy/seD19IqlriuwWzLg== > > Thus you can see the hashing algorithm used as well as the number of > iterations. And in this instance there is the addition of the public salt > (w9b57Sqavc3YfrxfUpjtWg== in the example above). > This public salt is different for every password entry in the database, > thus > it would hinder any pre-computed rainbow table attack on the passwords. > > Additionally, there is a private salt used which you can set within your > Shiro configuration. This means that even if someone walks off with your > database, they still will not be able to "decrypt" the passwords. > > In your example (with no salt), it might be possible to get the password in > an unencrypted form by just hashing lots of plain text passwords using the > parameters you define, yes. A pre-computed rainbow table could be used in > this scenario. > But that is why it is recommended that salting of passwords is carried out. > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Encrypted-password-in-db-why-does-it-tell-the-Hash-and-iterations-in-it-tp7578510p7578622.html > Sent from the Shiro User mailing list archive at Nabble.com. >
