How long should a salt be to make it infeasible to attempt dictionary attacks?

Question

I\'m designing an authentication system that works like the following:

1. User enters password
2. Salt is generated.
3. Password is hashed with whirlpool<

Answer 1

I think you are misunderstanding the concept of a salt. Salts do not prevent or slow down dictionary and brute-force attacks significantly.

The whole point of using salts is to avoid the possibility that someone has already precomputed a dictionary/brute force attack for your password hashes (for example using rainbow tables). Thus, it only needs to be long enough to exclude the possibility that such a table already exists for a specific salt.

Considering the typical size of such a rainbow table, it is extremely unlikely that somebody already has precomputed such tables for salts of even small size like 8 bytes or so (consider the number of possible salts: 256^8 = 18446744073709551616). The premise is of course that the salts are randomly generated and that you don't use the same salt value multiple times. 64 bytes can't hurt, of course, there's nothing wrong with that.

However, if you want to make brute-force or dictionary attacks infeasible, it won't help you to use a longer salt. Instead, make your users to choose strong passwords and consider using key stretching.