|
|
|
|
|
|
by ijoshua
6853 days ago
|
|
|
As stated in the last few paragraphs, the simplest way to guard against this sort of attack is to salt the data before hashing it. What he doesn't discuss is how to choose a salt value. In a good hash function, every bit should affect the output, so really only a couple of bytes are needed for a good salt. Additionally, the salt value can be random and may include unprintable ASCII characters. Furthermore, a new salt can be created for every password. Now, if two users have the same password, the ciphertext will be different for each. I've used this technique to store sensitive personal data which must be recoverable (i.e. credit card numbers.) When a new number is obtained, a few bytes of salt are randomly generated. The data, plus the salt, are passed to a symetric cipher, and the ciphertext and salt are stored in a database. [edit: there's some discussion of this in the article comments.] |
|
|