Wednesday, January 20, 2010

The Hack FAQ:What is a salt?

SkyHi @ Wednesday, January 20, 2010

Table of Contents

1.0 Administrivia

2.0 Attack Basics

3.0 Account Basics

4.0 Password Basics

5.0 Denial of Service Basics

6.0 Logging Basics

7.0 Miscellaneous Basics

8.0 Web Browser

9.0 The Web Browser as an Attack Tool

10.0 The Basic Web Server

11.0 NT Basics

12.0 NT Accounts

13.0 NT Passwords

14.0 NT Console Attacks

15.0 NT Client Attacks

16.0 NT Denial of Service

17.0 NT Logging and Backdoors

18.0 NT Misc. Attack Info

19.0 Netware Accounts

20.0 Netware Passwords

21.0 Netware Console Attacks

22.0 Netware Client Attacks

23.0 Netware Denial of Service

24.0 Netware Logging and Backdoors

25.0 Netware Misc. Attack Info

26.0 Netware Mathematical/Theoretical Info

27.0 Unix Accounts

28.0 Unix Passwords

29.0 Unix Local Attacks

30.0 Unix Remote Attacks

31.0 Unix Logging

32.0 Hacker Resources


4.6 What is a salt?

To increase the overhead in cracking passwords, some algorithms employ salts to add further complexity and difficulty to the cracking of passwords. These salts are typically 2 to 8 bytes in length, and algorithmically introduced to further obfuscate the one-way hash. Of the major operating systems covered here, only NT does not use a salt. The specifics for salts for both Unix and Netware systems are covered in their individual password sections.

Historically, the way cracking has been done is to take a potential password, encrypt it and produce the hash, and then compare the result to each account in the password file. By adding a salt, you force the cracker to have to read the salt in and encrypt the potential password with each salt present in the password file. This increases the amount of time to break all of the passwords, although it is certainly no guarantee that the passwords can't be cracked. Because of this most modern password crackers when dealing with salts do give the option of checking a specific account.


Reference: http://www.nmrc.org/pub/faq/hackfaq/