| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Steve Atkins <steve(at)blighty(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Salt in encrypted password in pg_shadow |
| Date: | 2004-09-08 02:27:40 |
| Message-ID: | 14516.1094610460@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Steve Atkins <steve(at)blighty(dot)com> writes:
> A random salt stored with the hashed password increases the storage
> and precomputation time required by the size of the salt (so a 16 bit
> salt would increase the storage and precomputation time needed by
> a factor of 65536). That increase makes the pre-computed dictionary
> attack pretty much infeasible.
[ raised eyebrow... ] It is not immediately obvious that a factor of
2^16 makes the difference between feasible and infeasible. As
counterexamples, if it would otherwise take you one microsecond to break
the password, 64 milliseconds isn't going to scare you; if it would
otherwise take you a century to break the password, raising it to
64k centuries isn't going to make for a very meaningful improvement in
security either.
Show me a scheme where the random salt isn't stored right beside the
password, and I might start to get interested.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2004-09-08 02:48:28 | Re: Salt in encrypted password in pg_shadow |
| Previous Message | David Garamond | 2004-09-08 02:11:33 | Re: Salt in encrypted password in pg_shadow |