in reply to Generating random characters for a salt.

Due to merlyn: 
use Digest::MD5 qw(md5_hex);

my $salt = md5_hex( time().{}.rand().$$ );

[download]
Cheers.

Replies are listed 'Best First'.
Re^2: Generating random characters for a salt.
by Cap'n Steve (Friar) on Aug 31, 2007 at 07:04 UTC
    That's certainly interesting, but it seems strange to go to those lengths to get a random number and then limit it to a hex string. Granted, I'm not exactly a cryptography expert, but don't you want the largest possible pool of characters?
[reply]
      If you are given these rules:

      1. Your salt must be N characters long or shorter
      2. N is a small integer

      then, yes, you would want a big char set. That is not the case with salts, however. Heck, you could restrict yourself to two characters and still be arbitrarily uhm... arbitrary by making the string longer.

      The incredibly-randomness and terribly-hard-to-guessness of a salt is not critical: it is going to be hashed again.

      Disclaimer: I am not a crypto expert either. /me .oO(Come to think of it, I am not an expert in anything, really. That's not very good at age 34)

      Cheers.

[reply]

In Section Seekers of Perl Wisdom