Salt

Gang,

I am persuaded by the arguments for salting BOTH the user's 
supplied password (which always clearly needed salting) *and* 
also the IUK encryption code -- which the UI will call the 
"Emergency Code" (EC) unless we arrive at a better name for it.

I was viewing the Emergency Code (EC)'s EnScrypt not only as
a substantial bottleneck against brute forcing -- which, in 2014 
at least, it clearly is -- but also as a convenient width 
expander to convert the user's supplied bit length into the
256 bits needed to key the OCB cipher.

But ANY salt-free design means that ALL SQRL users will be 
sharing the same transform from their input EC to the output 
encryption key. And even though that keyspace will be 
prohibitively massive, if SQRL were to take over the world, 
there would be some value in mapping or hacking or attacking 
that transform.  So in the interest of seriously future-proofing 
the design against ridiculous improvements in computation 
resources, forcing a per-user mapping with a salt dramatically 
changes the economics against ever bothering.

So let's feed 128 bits of salt into the EnScrypt "salt" input 
and store it along with the encrypted IUK.

(And we'll do the same for the user-supplied password.)

-- 
________________________________________________________________
Steve.               Working on moving the SQRL project forward.
0
Steve
2/12/2014 5:19:51 PM
grc.sqrl 459 articles. 0 followers. Follow

0 Replies
590 Views

Similar Articles

[PageSpeed] 8

Reply:

Similar Artilces:

php-ext-sqrl and php-sqrl
Well, I finally got some time to play with a bit of code! Here's what I'm working on... php-ext-sqrl ------------ source: https://github.com/Novators/php-ext-sqrl PHP Extension that handles ed25519 signature verification and SQRL's (somewhat) unique base64url encoding. Crypto is in c, taken from ed25519-donna. Passes 1024 tests from http://ed25519.cr.yp.to/software.html in about 2.5 seconds on my machine. This would be faster with batch verification, but one-by-one is more representative of actual usage. I'm pretty confident in this part. The base64url en...

Salt?
I was just reading an explanation of salt applied to password files, but did not fully grasp it. From what I understood, a authentication server doesn't store passwords, it stores hashes of passwords. This can be brute force attacked by hashing a list of comman passwords and comparing the has result to the hash in the password list file. To make this significantly more difficult salt (a random string) is concatenated to the password. What I don't understand: is the salt concatenated to the hash result in the password file, or is it concatenated to the password and then the entir...

Why Salt?
Why salt passwords? It doesn't seem that it would hinder any attacks that use your UI. Is it only to protect against an attack from someone who is trying to run commands on your SQL server? IF you are taking their password, Salting it, hashing it...and then comparing the result to whatever is stored in the password field of the database... they don't need to know the salt to crack the account. Am I missing something simple here? Thanks Salting helps to make it more difficult for a hacker to break in. A salt is a random number. ie if the pwd was "password" and the sal...

sqrl://
I hate the idea of further polluting the namespace of URL schemes which is already full of non-standard crap like itms:// and ms-help://. If we're building this protocol on top of standard TLS traffic to standard web servers, then we're using https://, and should just be call it what it is. The fact that this particular https:// traffic is in furtherance of a more specific use should be identified elsewhere. This also separates us from dependence on the underlying protocol in case we want to have it work later over some other protocol. On 10/3/2013 2:35 AM, Lee Daniel ...

superreview cancelled: [Bug 256076] go back to old salting with subdirectory : [Attachment 156523] Do 8.profilename salting
Mike Connor <mconnor@steelgryphon.com> has cancelled chris hofmann <chofmann@gmail.com>'s request for superreview: Bug 256076: go back to old salting with subdirectory https://bugzilla.mozilla.org/show_bug.cgi?id=256076 Attachment 156523: Do 8.profilename salting https://bugzilla.mozilla.org/attachment.cgi?id=156523&action=edit ...

superreview requested: [Bug 256076] go back to old salting with subdirectory : [Attachment 156523] Do 8.profilename salting
chris hofmann <chofmann@gmail.com> has asked Brendan Eich (watching) <brendan.eich@gmail.com> for superreview: Bug 256076: go back to old salting with subdirectory http://bugzilla.mozilla.org/show_bug.cgi?id=256076 Attachment 156523: Do 8.profilename salting http://bugzilla.mozilla.org/attachment.cgi?id=156523&action=edit ------- Additional Comments from chris hofmann <chofmann@gmail.com> need dveditz and brendan on this... darin out until next week ...

superreview requested: [Bug 256076] go back to old salting with subdirectory : [Attachment 156523] Do 8.profilename salting #2
chris hofmann <chofmann@gmail.com> has asked Brendan Eich <brendan@mozilla.org> for superreview: Bug 256076: go back to old salting with subdirectory http://bugzilla.mozilla.org/show_bug.cgi?id=256076 Attachment 156523: Do 8.profilename salting http://bugzilla.mozilla.org/attachment.cgi?id=156523&action=edit ------- Additional Comments from chris hofmann <chofmann@gmail.com> need dveditz and brendan on this... darin out until next week ...

superreview cancelled: [Bug 256076] go back to old salting with subdirectory : [Attachment 156523] Do 8.profilename salting #2
Mike Connor <mconnor@steelgryphon.com> has cancelled chris hofmann <chofmann@gmail.com>'s request for superreview: Bug 256076: go back to old salting with subdirectory https://bugzilla.mozilla.org/show_bug.cgi?id=256076 Attachment 156523: Do 8.profilename salting https://bugzilla.mozilla.org/attachment.cgi?id=156523&action=edit ...

superreview granted: [Bug 256076] go back to old salting with subdirectory : [Attachment 156594] updated, only salt once per creation dialog
Brendan Eich <brendan@mozilla.org> has granted Brendan Eich <brendan@mozilla.org>'s request for superreview: Bug 256076: go back to old salting with subdirectory http://bugzilla.mozilla.org/show_bug.cgi?id=256076 Attachment 156594: updated, only salt once per creation dialog http://bugzilla.mozilla.org/attachment.cgi?id=156594&action=edit ------- Additional Comments from Brendan Eich <brendan@mozilla.org> Not sure how knowing the PRNG helps, as dveditz said. You'd have to know the time used to seed it, and that's not something an attacker can know...

Epsom salts
I was given injections of Magnesium some years ago by a doctor in order to raise my Mg levels as he said it was difficult to absorb via supplements. But he did also recommend bathing in Epsom salts. Googling I came across an interesting site "epsomsaltcouncil.org" which gives some more information: http://www.epsomsaltcouncil.org/about_better_health_through_soaking.htm ...

Where is the salt kept?
Salt is often mentioned in the podcast and it's described as a little extra bit of "noise" added to the end of a password. Well, if it's just some random data collected from wherever, that same random data would be needed each time the person logs on. Whether it is stored next to the password hash in the same text file, or if it is obfuscated is some kind of way, it is still going to need to be kept somewhere. I guess my point is, if somebody is stealing passwords, they're just going to steal the salt as well. Is a salt little more than just a mechanism ...

Salt Clarification
Knowing the salt does not weaken the protection it is intended to provide. It is not intended to be a "key" to the hash. It is intended to be a nonce, like the IV in CBC mode. It is fine and normal to store the salt right beside the password hash in a database. Both the salt and the hash are required to validate a password, so the web app must have access to both. Storing each on different servers is only beneficial when an attacker could breach one of the database servers but not both, or the web server. But the goal of salt is to stop dictionary attacks and rainbow tabl...

Where do salts come from?
Steve has mentioned in the past that sometimes salts are added to passwords to make password hashes more difficult to break. Where does this randomness come from? I would imagine that it needs to be related to the password because if it's data taken from the computer, such as serial number or something like that, a potential attacker could also get that data. If it's just random data, then it would be different each time a computer authenticates a user and each authentication would give a different hash. So how are salts added to passwords to consistently authenticate...

Web resources about - Salt - grc.sqrl

Salt - Wikipedia, the free encyclopedia
This article is about common table salt. For salts in chemistry, see Salt (chemistry) . For other uses, see Salt (disambiguation) . Salt is a ...

China to build world's first salt lake data center
China to build world's first salt lake data center

“Water-in-salt” electrolytes can make lithium-ion batteries safer
... are often highly flammable, reactive with other battery components (like the electrodes), and depend on highly toxic materials (lithium salts) ...

Unified effort underway to fix Bonneville Salt Flats
Filed under: Motorsports , Read This , Racing Hemmings tells the fascinating story of the effort to save the Bonneville Salt Flats that brings ...

In Salt Lake City, “Love Doesn’t Separate”
For all the ugliness in the world, there’s still incremental steps towards the light. From the Salt Lake Tribune : More than 1,000 inactive ...

Salt Lake City elects its first openly gay mayor
After recent rulings by Mormon Church against LGBT inclusion, the election marks a milestone for the conservative state

Will salt warnings in food work?
Chain restaurants in New York City begin placing salt warnings on menu items with more than 2,300 milligrams of salt.

Restaurant Group Sues NYC Over New Salt Warning Labels
Well, that was quick: two days after New York City’s new salt labeling rules went into effect — requiring chain restaurants to slap a salt shaker ...

National Restaurant Association Plans to Sue the City Over Salt Warnings
The salt wars are heating up. Tomorrow, chain restaurants with more than 15 locations will be required to add salt warnings next to the high-sodium ...

MIT Finds A Way To Desalinate Water By Shocking The Salt Right Out Of It
Zapping ourselves to more water. MIT has come up with a new way to remove salt from water, in a way that doesn't filters (which eventually clog ...

Resources last updated: 12/10/2015 1:47:28 PM