[Cryptography] CSPRNG for password salt
Jerry Leichter
leichter at lrw.com
Wed Aug 20 07:23:22 EDT 2014
On Aug 20, 2014, at 7:12 AM, Erwan Legrand <erwan at lightbringer.org> wrote:
> > This is a rather weak argument. You're contrasting a CSPRNG - something that's quite difficult to build correctly, as we've seen from many discussions on this list - with something as simple as "remember the last one and add one to get the next"....
>
> As I said, the target audience is web application developers. These do not write CSPRNGs. Yet many of them write authentication code using a crypto toolkit.
>
> Does this make sense now?
>
Sorry, but no. I consider it similar to the following argument: An electrical circuit needs a fuse. But, you know, people might stick the wrong size fuse in there. Or they might even stick in a penny (OK, this style of fuse hasn't been used in 50 years). I can do better. I have a digital voltage sensor, which I can turn into an amperage sensor with a resistor. I can feed that into my Arduino and monitor the current drawn. I'll include a digital model of the kind of fuse that's supposed to go here, so that it lets peaks of the right sort through, etc. Then I'll write a driver to control a relay. Now I've got solid, modern protection for my circuit, and people can't screw it up!
Replacing a simple design with a more complex one "just because you have the parts around" adds to risk, it doesn't ameliorate it.
I've written separately - in messages that haven't yet been forwarded to the list; our moderators are likely still asleep - about the actual threats, and that one could argue for using a CSPRNG on "defense in depth" principles, even if the argument is a bit of a stretch. But I don't buy the "it's better engineering because you might screw up code to add 1 to the last number" argument.
-- Jerry