[Cryptography] CSPRNG for password salt
John B
vertex.vr4 at gmail.com
Tue Aug 19 21:43:50 EDT 2014
Hi all,
Some research on the interwebs turned up the recommendation that a password
hash's salt should only be generated with a cryptographically secure PRNG.
Some sources specifically mention *not* using rand() and friends.
What are the reasons for this? Specifically:
a) What is the attack on a password hash generated with non-CSPRNG salt
such as a rand() call?
b) How realistic/plausible is such an attack?
So that the responses don't 'wander', I'd like to state that I am already
aware of:
a) The point of a salt
b) The fact that the salts need to be of an appropriate length
c) Bcrypt, scypt and PBKDF2 are the appropriate types for password hashes
Regards,
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140820/adb1bbf1/attachment.html>
More information about the cryptography
mailing list