Skip site navigation (1) Skip section navigation (2)

Re: OT: password encryption (salt theory)

From: "David F(dot) Skoll" <dfs(at)roaringpenguin(dot)com>
To: Tim Ellis <Tim(dot)Ellis(at)gamet(dot)com>
Cc: fstefan(at)cable(dot)vol(dot)at, <pgsql-admin(at)postgresql(dot)org>
Subject: Re: OT: password encryption (salt theory)
Date: 2002-08-22 02:19:17
Message-ID: Pine.LNX.4.44.0208212215480.31571-100000@shishi.roaringpenguin.com (view raw or flat)
Thread:
Lists: pgsql-admin
On Wed, 21 Aug 2002, Tim Ellis wrote:

> Of course. I argue everything does.

Ah, here's what I meant by a dictionary attack:

You precompute (offline) encrypted versions of your dictionary.  This
can be very slow; doesn't matter.  You just burn a CD or DVD with a
database mapping encrypted -> cleartext.

It's this precomputation attack which a salt thwarts.  A salt makes
it impractical to build up a dictionary of encrypted -> cleartext
mappings, because a given cleartext has millions of encrypted
equivalents.

> No matter how you obfuscate it, unless you can somehow turn it into a
> O(x^n) problem, you're prone to dictionary attacks.

A dictionary attack as I understood it means the kind of precomputed
encrypted-to-cleartext lookup table I described above.  If you do your
mapping offline, you have the luxury of using an enormous set of
possible passwords with no computational penalty when you actually
carry out the attack.

--
David.


In response to

pgsql-admin by date

Next:From: Mark StosbergDate: 2002-08-22 02:20:54
Subject: Re: Event recurrence - in database or in application code ????
Previous:From: Bruce MomjianDate: 2002-08-22 02:12:57
Subject: Re: password encryption

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group