I'm interested in salting my hashed passwords...
Moderator: General Moderators
I'm interested in salting my hashed passwords...
I have always stored my passwords in a database as a sha1 hash. I generally haven't salted these hashes mostly because I'm lazy, but also because I don't know enough about the subject to do it properly. I do know that it's best to give each user their own unique salt, but how do you store the salt in that case? Forgive my complete lack of knowledge on the subject.
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Re: I'm interested in salting my hashed passwords...
It's pretty easy but one serious gotcha... don't store the salt as character data in MySQL, store it as binary data since it really screws up when you switch character sets and MySQL decides to try transcoding it.
Adding the salt can be done in various ways. I'm sure some more crypto experts here will post better ways but this works:
Where $salt is just a few random bytes:
Adding the salt can be done in various ways. I'm sure some more crypto experts here will post better ways but this works:
Code: Select all
$normalHash = md5($password);
$saltedHash = md5($normalHash . $salt);Code: Select all
$salt = chr(rand(0, 255)) . char(rand(0, 255)) . chr(rand(0, 255));Re: I'm interested in salting my hashed passwords...
So it's ok to just store the salt in the database? It doesn't matter if the salt's value is exposed in the database? Like I said, I'm not very knowledgeable in this area 
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Re: I'm interested in salting my hashed passwords...
You need to store it in the database otherwise you can't re-use itLuke wrote:So it's ok to just store the salt in the database? It doesn't matter if the salt's value is exposed in the database? Like I said, I'm not very knowledgeable in this area
Re: I'm interested in salting my hashed passwords...
I understand that, I am just wondering.. if my database is compromised, and the "bad guys" have access to the salt value, doesn't that defeat the purpose? I don't get it.
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Re: I'm interested in salting my hashed passwords...
I'm pretty sure there's no real problem having the salt available with the hash. Why you're best having one salt per-user is probably something to do removing any consistency should an attacker find a way to break the hashes... though reversing a hash is not very easily done and yields any number of possible values in any case.
I think I'm best not answering your security concerns... I don't know basically
I think I'm best not answering your security concerns... I don't know basically
Re: I'm interested in salting my hashed passwords...
I have seen salts stored in the database before, so I believe you are right. You are also right about why it's best to give each record its own salt.
Re: I'm interested in salting my hashed passwords...
I do know it's never a good idea to hash twice though because it actually reduces security if you do. So never do sha1(md5($password)) or anything like that.
Re: I'm interested in salting my hashed passwords...
If you have a table full of hashed passwords with no salt, or even with the same salt, it's easy to create a rainbow table to break the passwords. Using a different salt with each stored password prevents the use of a rainbow table. The attacker would need to attack each password individually.
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: I'm interested in salting my hashed passwords...
You must assume that an imaginary attacker has your hashes including salts (a full database access). Luke, I think you might want to read this: http://www.phptalk.net/2009/01/24/every ... and-myths/
Re: I'm interested in salting my hashed passwords...
Thanks Kai! That looks like an excellent write-up. I'm going to read it as soon as I get home from work. 
Re: I'm interested in salting my hashed passwords...
Very nice article Kai!kaisellgren wrote:You must assume that an imaginary attacker has your hashes including salts (a full database access). Luke, I think you might want to read this: http://www.phptalk.net/2009/01/24/every ... and-myths/
Re: I'm interested in salting my hashed passwords...
Nice article.
I didn't understand this part though:
I didn't understand this part though:
Hash length is measured in bits and a byte is 8 bits. If you divide by 8 and then multiply by 8 you end up with the same number... what am I missing?The sufficient length of a salt is length(hash)/8 bytes
Re: I'm interested in salting my hashed passwords...
Insert characters from the salt at random predetermined points in the hash value, if they don't have the code they'll give up trying to figure out what the hell is going on
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: I'm interested in salting my hashed passwords...
Maybe I could have written it better.pytrin wrote:Hash length is measured in bits and a byte is 8 bits. If you divide by 8 and then multiply by 8 you end up with the same number... what am I missing?The sufficient length of a salt is length(hash)/8 bytes
Theoretically, when trying to create a sufficiently enough long salt, which is enough long for hashes in general, we need to feed up the hash with the amount of bits it needs. We divide it by 8 to get the figure in bytes, so maybe this text instead makes more sense: "The sufficient length of a salt is x bytes, where x = length(hash)/8". This, of course, is not an exact number that is perfect for every hash, but a good simple rule to play around with.