[Cryptography] CSPRNG for password salt

Stephan Neuhaus stephan.neuhaus at tik.ee.ethz.ch
Wed Aug 20 07:44:53 EDT 2014


On 2014-08-20, 10:08, John B wrote:
> Say we were using rand() - if the attacker can submit his/her own
> password AND obtain their own hash back, they could then bruteforce
> the seed (say because srand(time_now)) and now would presumably know
> the list of salts used for all of the subsequent password hashes.
> They can then pre-compute the tables necessary for an 'improved'
> offline attack on those passwords. Does this sound plausible?

I don't think so.  In my opinion, the cost in pre-computing the tables
is in their storage, not their computation.  In that case, it doesn't
matter if I compute the table on the fly or offline.

Fun,

Stephan
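
An added example, not part of the original messages: it shows the predictability John B describes (one observed rand()-derived salt fixes the seed and every later salt) beside a salt drawn from the kernel CSPRNG. The function names, the 16-byte salt length, the timestamp seed and the one-hour search window are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define SALT_LEN 16

/* Weak pattern from the thread: salt bytes taken from rand(). */
static void weak_salt(unsigned char *out) {
    for (int i = 0; i < SALT_LEN; i++) out[i] = (unsigned char)(rand() & 0xff);
}

/* Hardened form: salt bytes read from the kernel CSPRNG. Returns 0 on success. */
int strong_salt(unsigned char *out) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(out, 1, SALT_LEN, f);
    fclose(f);
    return got == SALT_LEN ? 0 : -1;
}

/* Look for the seed in [lo, hi] whose first salt equals `seen`. On a match,
 * returns 1, sets *seed, and leaves rand() positioned right after that salt. */
int find_seed(const unsigned char *seen, unsigned lo, unsigned hi, unsigned *seed) {
    unsigned char cand[SALT_LEN];
    for (unsigned s = lo; s <= hi; s++) {
        srand(s); weak_salt(cand);
        if (memcmp(cand, seen, SALT_LEN) == 0) { *seed = s; return 1; }
    }
    return 0;
}

/* Constructed scenario: the server seeds with a timestamp, salts the observer's
 * own account, then salts `later` more. Returns how many of those are predicted. */
int predicted_salts(unsigned server_seed, unsigned window, int later) {
    unsigned char seen[SALT_LEN], victim[8][SALT_LEN], guess[SALT_LEN];
    unsigned seed; int hits = 0;
    if (later > 8) later = 8;
    srand(server_seed); weak_salt(seen);
    for (int i = 0; i < later; i++) weak_salt(victim[i]);
    if (!find_seed(seen, server_seed - window, server_seed, &seed)) return 0;
    for (int i = 0; i < later; i++) {
        weak_salt(guess);
        hits += memcmp(guess, victim[i], SALT_LEN) == 0;
    }
    return hits;
}

int main(void) {
    printf("predicted %d of 5 later salts\n", predicted_salts(1408534000u, 3600, 5));
    return 0;
}
```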