
Question of the Day: What is a salt?

A salt is used in cryptography to make decryption less efficient for attackers by adding another hashing layer on top of an encryption algorithm. When a passphrase is used to encrypt data, a salt can be additional data that gets concatenated to the passphrase or key. This means that the attacker’s dictionary now needs to contain many more entries, one for each possible salt value for each probable passphrase.

Salts are implemented as random bits. They are used as a second argument along with the passphrase in a function that is used to derive a decryption key.
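As an added example (not code from the original post), the sketch below passes the salt as the second argument to a key-derivation function and shows that a dictionary precomputed for one salt finds nothing for a key derived under another. PBKDF2-HMAC-SHA256, the iteration count, the function names, the record layout and the sample wordlist are assumptions chosen for illustration; the post does not name a specific function.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this illustration
CANDIDATES = ["letmein", "password1", "correct horse"]  # constructed sample wordlist


def derive_key(passphrase: str, salt: bytes) -> bytes:
    """Key derivation with the salt as the second argument beside the passphrase."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=32)


def new_record(passphrase: str) -> dict:
    """Pick 16 random bytes as the salt and keep them next to the derived key.

    Storing the salt beside the key is an assumption of this example.
    """
    salt = os.urandom(16)
    return {"salt": salt, "key": derive_key(passphrase, salt)}


def verify(passphrase: str, record: dict) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    return hmac.compare_digest(derive_key(passphrase, record["salt"]), record["key"])


def build_dictionary(candidates, salt: bytes) -> dict:
    """Precomputed table of derived key -> passphrase, valid for one salt only."""
    return {derive_key(word, salt): word for word in candidates}


if __name__ == "__main__":
    # Constructed fixed salts so the run is repeatable; real salts come from os.urandom.
    salt_a, salt_b = b"\x00" * 16, b"\x01" * 16
    table_a = build_dictionary(CANDIDATES, salt_a)
    print("table for salt A, key under salt A:", table_a.get(derive_key("letmein", salt_a)))
    print("table for salt A, key under salt B:", table_a.get(derive_key("letmein", salt_b)))
    record = new_record("letmein")
    print("verify correct passphrase:", verify("letmein", record))
    print("verify wrong passphrase:  ", verify("password1", record))
```
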

For practical purposes, you can use salts as a second passphrase equivalent across services, for example when interfacing with a third-party web service that is meant to be synchronized. By agreeing upon a common salt or salt algorithm, such as making it time-based, you can support handshaking while retaining a degree of cryptographic security.

For more information, the following Googled links are just a tiny few of the resources that describe salt in the context of cryptography and some of them provide a good introduction to cryptographic principles:

  1. Unknown
    February 25, 2008 at 1:42 pm

    I understand the strength the salt gives if it is kept secret. But what are the benefits of using "open" salt?

  2. Jon
    March 16, 2008 at 1:23 pm

    Open salt? Not sure what you mean by that. If you're referring to the notion of a "common salt", "such as making it time-based" along with an IP address, its advantage is that it can, for instance, lock the decryption of a password to a predetermined point in time. It isn't the encryption key, it only makes the encryption key that much more difficult to decipher.
