Re: Hash salt (was Re: BCRYPT - Why not using it?)



In <4D9D1B22.2010608@cox.net>, Ron Johnson wrote:
>On 04/06/2011 08:19 PM, Aaron Toponce wrote:
>> First, if you don't have the salt, but you do have the hash, then a
>> rainbow table attack is completely pointless.
>
>The OS must store the salt somewhere, in order to correctly authenticate
>the user when he logs in.  But I've never heard of /etc/hashsalt so what
>am I misunderstanding?

The value stored in /etc/shadow is both the salt + the encrypted 
salt+password.  This allows a process with read access to /etc/shadow to 
easily read the shadow, encrypt the salt + provided password, and compare the 
result to the encrypted salt+password.  The salt is randomly generated each 
time the password is set, and it is (usually) different for each entry in 
/etc/shadow.

This increases the size of a rainbow table by a factor of 2^(bits in salt), 
effectively stopping the attack for all but the most high-profile target with 
just an 8-bit salt.  I'm not sure how many bits are used in a modern salt, but 
I think it is somewhere between 48-bits and 64-bits.

Salted MD5 is still considered secure, even with the known attacks against 
MD5.  Salted SHA1 has no attacks more effective than brute-force.  I'd like to 
believe that shadow passwords will move to SHA3 within 2-3 releases after SHA3 
is finalized.  At the current rate of attack improvements against MD5, that 
should be plenty of time.
-- 
Boyd Stephen Smith Jr.                   ,= ,-_-. =.
bss@iguanasuicide.net                   ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy         `-'(. .)`-'
http://iguanasuicide.net/                    \_/

Attachment: signature.asc
Description: This is a digitally signed message part.
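
The store-the-salt-beside-the-hash flow described in this message, as an added example that is not part of the original post. The `$id$salt$hash` layout is the modular crypt field format used in /etc/shadow; the `demo` scheme id, the PBKDF2 stand-in hash and the sample passwords are constructed assumptions, not a real crypt(3) scheme.

```python
import hashlib
import hmac
import secrets

# crypt(3) salt alphabet: 64 symbols, so each salt character carries 6 bits.
SALT_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def parse_field(field):
    """Split a '$id$salt$hash' password field into (scheme, salt, digest)."""
    parts = field.split("$")
    # Some schemes put an optional 'rounds=N' parameter before the salt.
    if len(parts) == 5 and parts[2].startswith("rounds="):
        del parts[2]
    if len(parts) != 4 or parts[0] or not all(parts[1:]):
        raise ValueError("not a $id$salt$hash field")
    return parts[1], parts[2], parts[3]

def salt_bits(salt):
    """Entropy capacity of a salt drawn from the 64-symbol alphabet."""
    if any(c not in SALT_ALPHABET for c in salt):
        raise ValueError("salt contains characters outside the crypt alphabet")
    return 6 * len(salt)

def _digest(salt, password):
    # Stand-in for a real crypt(3) scheme (assumption): PBKDF2-HMAC-SHA256.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 10_000).hex()

def make_field(password, salt=None):
    """Build the stored value when a password is set; fresh random salt each time."""
    if salt is None:
        salt = "".join(secrets.choice(SALT_ALPHABET) for _ in range(8))
    return f"$demo${salt}${_digest(salt, password)}"

def verify(field, candidate):
    """Login check: read the salt out of the field, re-hash, compare."""
    _scheme, salt, stored = parse_field(field)
    return hmac.compare_digest(stored, _digest(salt, candidate))

if __name__ == "__main__":
    # Constructed sample: two accounts that chose the same password.
    alice, bob = make_field("correct horse"), make_field("correct horse")
    print(alice, bob, sep="\n")
    print("stored values differ:", alice != bob)
    print("login ok:", verify(alice, "correct horse"), "| wrong pw:", verify(alice, "guess"))
    salt = parse_field(alice)[1]
    print(f"salt bits: {salt_bits(salt)} -> table grows by 2^{salt_bits(salt)}")
```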