PKCS#5 盐隐私?
在PKCS5 V2.0标准的官方文档中,我们可以读到“盐可以被视为从密码派生的一大组密钥的索引,并且不需要保密”。
“不必保密”部分很有趣。
由于盐用于添加大量的密码可能性(或者如果两个用户具有相同的密码,则创建两个不同的密钥),那么让盐不安全的目的是什么?
据我所知,通常攻击者无法访问盐,因此找到正确密码的工作会使他的工作变得复杂。但如果攻击者知道了盐,那么“魔力”在哪里呢?知道盐就像执行传统的字典攻击(如果我们排除迭代计数)!
有什么我不明白的吗?我知道知道盐不会破坏安全性,但是说“不需要保密”对我来说听起来很奇怪。
In the official documentation of the PKCS5 V2.0 standard, we can read "The salt can be viewed as an index into a large set of keys derived from the password, and need not be kept secret."
The part "need not be kept secret" is interesting.
Since the salt is used to add a huge range of password possibilities (or to create two different keys if two users had the same password), what is the purpose of letting the salt insecure?
I understand that typically, an attacker wont have access to the salt, so it will complicates his job to find the right password. But if an attacker knows the salt, where is the "magic"? Knowing the salt is like perform a traditional dictionary attack (if we exclude the iteration count)!
Is there something that I dont understand? I know that knowing the salt dont break the security but, saying that it "need not be kept secret" sounds strange to me.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
该段落的其余部分(在标准中)似乎对此进行了解释:
关键是您不能只获取密码列表(假设有 7700 万个密码)并在同一个表中运行它们。您需要为每个密码+盐构建一个单独的表。
The rest of the paragraph (in the standard) seems to explain it:
The point is that you can't just take a list of passwords (let's say 77 million passwords) and run them through the same tables. You will need to build a separate table for each password + salt.