Salt (cryptography)
In cryptography, salt consists of random bits (typically 12 or more) used as one of the inputs to a key derivation function. The other input is usually a password or passphrase. The output of the key derivation function is often stored as the encrypted version of the password. It can also be used as a key for use in a cipher or other cryptographic algorithm. A salt value is typically used in a hash function. The salt value may or may not be protected as a secret. In either case the additional salt data makes it more difficult to conduct a dictionary attack using pre encryption of dictionary entries, as each bit of salt used doubles the amount of storage and computation required. In some protocols, salt is transmitted in the clear with the encrypted data, sometimes along with the number of iterations used in generating the key. Cryptographic protocols that use salt include SSL and Ciphersaber.
|
|
