[WEB SECURITY] Salt Storage - web.config or database?

Marc-André Laverdière ma_laver at ciise.concordia.ca
Fri Jun 2 16:29:27 EDT 2006



Brian Eaton wrote:
> On 6/1/06, Marc-André Laverdière <ma_laver at ciise.concordia.ca> wrote:
>> P.S. Make sure that you use a cryptographically strong random number
>> generator. .NET should normally be having one of those
> 
> Does a salt actually need to be generated using a strong RNG?
> 
> Why?
> 
> - Brian
> 
<snip>

1)
If you choose to have your salts separate from your hash, then you want 
to make the guessing game harder for your attacker. Weak PRNGs could
essentially let your attacker deduce the sequence of salts with some 
effort and thus get no real benefit in hiding them. This point is not an 
impressive one if you give away the hash anyway but is the strongest 
technical point.

2)
It can get your developers used to using one, so that they don't 
hesitate to do so when it'll be required for other applications. Not a 
very strong point, in appearance, but a more important one that one may 
think. This opens the door to your staff to learn more about security 
and thus getting some 'on-the-side' security training done.

3)
As a principle in crypto, yes. Crypto-level algorithms should be used in 
cryptographic operations. You don't want to compromise a scheme because 
of something so simple (think about Kerberos 4 for a second, then think 
about point 1)  :)

4)
It has more bragging potential (don't underestimate this point... honestly)

5)
Corollary to point 4, this looks much better if you need to defend your 
design for any given reason.


I'd encourage you to have a read at PKCS5.
ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-5v2/pkcs5v2-0.pdf

They have a section only on salting. My understanding is that the 
cryptographic community assumes a cryptographically strong random number 
generator whenever they talk about a random number (which was my point 3).

Those are the best points I can think of (I'm not a cryptographer) and I 
hope I am making sense overall.


Regards,

-- 
Marc-André LAVERDIÈRE, B. Eng., M. A. Sc. (in progress)
Computer Security Laboratory - Laboratoire de sécurité informatique
CIISE, Université Concordia University, Montréal, Québec, Canada
www.ciise.concordia.ca

/"\
\ /    ASCII Ribbon Campaign
  X      against HTML e-mail
/ \

"Perseverance must finish its work so that you may be mature and 
complete, not lacking anything." -James 1:4

----------------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/



More information about the websecurity mailing list