in reply to Re: Salt -- Something I've Never Understood
in thread Salt -- Something I've Never Understood

It doesn't make the encryption more random. That doesn't make any sense. You don't want any randomness in your encryption - if there were any randomness, how would you ever be able to determine your password was correct?

The salt serves two points, both already explained higher up in the thread: it increases the size of a pre-computed dictionary by a factor of 4096, and it reduces the chance that two users using the same password have identical encrypted passwords. Points that were important a couple of decades ago, but less so nowadays. Pre-computed dictionaries are now much more feasible (although the factor 4096 still hinders), and most modern Unix systems use a non-user-readable /etc/shadow to store the encrypted passwords. Of course, if you use NIS, anyone being able to snoop the network can see the encrypted passwords.

Abigail
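
The two effects described above, shown with Perl's built-in crypt() and the traditional two-character salt. This is an added example, not part of the original post; the account names and password are constructed, and it assumes the platform's crypt(3) still supports the traditional DES scheme.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# The 64 characters allowed in a traditional salt: 64 * 64 = 4096 possible salts.
my @SALT_CHARS = ('.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z');

# Hash a new password under a randomly chosen salt. The salt is chosen once,
# when the password is set; the hashing itself stays deterministic.
# rand() is fine for illustration; real code should use a CSPRNG.
sub new_hash {
    my ($password) = @_;
    my $salt = join '', map { $SALT_CHARS[rand @SALT_CHARS] } 1 .. 2;
    my $hash = crypt($password, $salt);
    die "traditional DES crypt() is not available on this platform\n"
        unless defined $hash && length($hash) == 13;
    return $hash;
}

# Verification: the stored hash starts with its salt, so passing the stored
# hash as the salt argument reproduces the same output for the right password.
sub check_password {
    my ($candidate, $stored) = @_;
    my $got = crypt($candidate, $stored);
    return defined $got && $got eq $stored;
}

# What a pre-computed dictionary must hold for ONE word: an entry per salt.
sub precompute {
    my ($word) = @_;
    my %table;
    for my $c1 (@SALT_CHARS) {
        for my $c2 (@SALT_CHARS) {
            $table{ crypt($word, "$c1$c2") } = $word;
        }
    }
    return \%table;
}

# Constructed sample accounts: two users who picked the same password.
my %shadow = map { $_ => new_hash('hunter2') } qw(alice bob);
printf "%-5s %s\n", $_, $shadow{$_} for sort keys %shadow;
printf "identical stored hashes: %s (expected about 1 time in 4096)\n",
    $shadow{alice} eq $shadow{bob} ? 'yes' : 'no';
printf "right password verifies: %s\n", check_password('hunter2', $shadow{alice}) ? 'yes' : 'no';
printf "wrong password verifies: %s\n", check_password('hunter3', $shadow{alice}) ? 'yes' : 'no';
printf "dictionary entries needed for one word: %d\n", scalar keys %{ precompute('hunter2') };
```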

Re: Re: Salt -- Something I've Never Understood
by jonadab (Parson) on Feb 05, 2004 at 20:14 UTC
    It doesn't make the encryption more random. That doesn't make any sense.

    I suspect he meant the encryption key, not the encryption process. Indeed, making the process random wouldn't make any sense.


    $;=sub{$/};@;=map{my($a,$b)=($_,$;);$;=sub{$a.$b->()}} split//,".rekcah lreP rehtona tsuJ";$\=$ ;->();print$/