问题
As far as my understanding after reading and researching, the purpose of using salt is supposed to be a different salt for every single password to be stored.
If the same salt is used for storing all password, I can understand how to implement this, as I could just store the salt to a constant private variable and use it. But, that's not the case.
Though it makes perfect sense for storing every new password with new different salt, but how do I suppose to know which user's password associated to which salt ? The quick solution I thought of, was to store the salt along with the user's table property, maybe called as 'salt', but that will lose the purpose of having the salt from the first place too if it's too easy to find the salt from the database.
Can anyone advice on this ?
NOTE: I'm using either Python built in library (hashlib) or Bycrypt (Cryptacular or Passlib)
回答1:
The quick solution I thought of, was to store the salt along with the user's table property
That's exactly what you do. Knowing the salt doesn't really detract from their benefits:
- Identical passwords in your database will have different hashes.
- Rainbow tables won't work.
- Brute-force attacks that attempt to match against any of your hashes will be slowed down.
回答2:
If you are using cryptacular.bcrypt.BCRYPTPasswordManager, then you don't need to worry about salts. It takes care of generating and storing the salt with the hash.
You can see below that the hash-string is different for the same password. It means a salt has been used.
For ex:
>>> import cryptacular.bcrypt
>>> crypt = cryptacular.bcrypt.BCRYPTPasswordManager()
>>> crypt.encode('aaa')
'$2a$10$B0czYdLVHJG4x0HnEuVX2eF7T9m1UZKynw.gRCrq8S98z84msdxdi'
>>> crypt.encode('aaa')
'$2a$10$Ni7K.pQoal3irbGmREYojOYoi0lye/W0Okz7jqoynRJhW5OCi8Upu'
回答3:
No the purpose of a password is just to avoid simplistic dictionary attack. TMHO in many application there's only one hash used for all password.
For example, let's say : god, sun and love are common password. Any attacker can have dictionary containing these words and there's hash.
If instead of storing hash(password), you store hash(password+salt) (or hash(salt+password)) you can make this dictionary attack void, because if your salt is 'dza$^"é)àù' the probability that a dictionary contains 'dza$^"é)àùgod' tends to be 0.
Changing the salt at each input could be also a good practice (but I think not so common) but you have to find how to retrieve it to check the password.
来源:https://stackoverflow.com/questions/11065325/salted-hashed-password-with-python-different-salt-for-every-new-password