-
January 31st, 2004, 05:42 AM
#1
Linux password salt...
When Linux uses the MD5 algorithm to hash passwords, it uses a different salt everytime. ie if I were to hash the word "cgkanchi" multiple times, I'd get a different hash each time. How does the passwd program know which salt to use when verifying the password? In other words, where is this "salt" value stored? It can't be in the shadow file or in the hash itself, because that would nullify the whole point of having the salt. So where???
Cheers,
cgkanchi
-
January 31st, 2004, 12:46 PM
#2
Re: Linux password salt...
In other words, where is this "salt" value stored?
It's in the shadow file.
It can't be in the shadow file or in the hash itself, because that would nullify the whole point of having the salt.
No, it won't.
Normally the salt is the first two characters of the crypted password. It's chosen randomly.
The purpose of the salt is to prevent someone who can read the passwords from using either precalculated hash values, or comparing the passwords of different users usefully.
In principle, if there was no salt, you could crypt all the words in a dictionary, and vastly decrease the time to crack a dictionary-based password (in fact, it could be immediate). If you had plenty of storage, it could crack a fairly complex password almost instantly.
But due to the fact that there are at least 3800 possible salts (i.e. two characters a-zA-Z0-9), this becomes much harder.
Two users with the same password will almost certainly have different salts, hence an attacker cannot know they are the same (unless he cracks them both).
I think that NT password hashes have no salt, hence two users with the same password have the same hash value.
Slarty
-
January 31st, 2004, 01:30 PM
#3
Thanks for the reply. Everything is much clearer now .
Cheers,
cgkanchi
-
February 18th, 2004, 07:57 PM
#4
Also, the /etc/shadow file is readable only by root and nobody else. Permissions are usually 0400 (-r--------).
And considering md5 is a 32-digit hash compared to crypt()'s inherent weak encryption, it's definitely a lot better to use!
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|