The point with the salt in bcrypt

浪子不回头ぞ submitted on 2019-12-10 18:36:07

Question


Sorry if this is a stupid question, I just want to know: what is the point with the salt in bcrypt? I mean, if you have the following code for creating a hash from a password:

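function generateSalt() {
    // Static salt, used here only to show where it appears in the hash
    $salt = '$2a$13$';
    $salt = $salt . '1111111111111111111111';
    return $salt;
}

function generateHash($salt, $password) {
    // crypt() selects bcrypt from the '$2a$' prefix; 13 is the cost factor
    $hash = crypt($password, $salt);

    return $hash;
}

$salt = generateSalt();

// rand(3,29) stands in for a password
$providedPassword = generateHash($salt, rand(3,29));

echo $providedPassword;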

The above outputs for example:

$2a$13$111111111111111111111uDdpsIcwCVOwEyNueskskXkniY5206fW

$2a$13$111111111111111111111udcvrNt9quPukFRl8./jXRzDGfE9lw0W

So you can clearly see where the salt ends, and if someone gets the database there's no point with the salt, since they can just remove the salt part and search for just the hashed password. So, am I using bcrypt wrong (the static salt was just to show where it appears in my hashes), or is there a reason for this?


Answer 1:


The idea behind a salt is that even if two inputs are the same, the hash will not be identical as long as a different salt is used every time.

For example, many users pick the same password. If you just store the hash of the password, the database will contain many identical hashes - so that if an attacker finds the password just once, he can then use it for all those users easily. However, if the password is hashed with a different salt value for each user, the attacker will have to crack each and every hash stored in the store.

I'm not sure what code you're using (what's that crypt function?), but it's OK if it prepends the salt value to the actual hash as long as the hash itself is also calculated using the salt. You're going to need to store the original salt anyway to verify that a new input (password) matches the stored hash. However, as long as you change the salt values between every hash usage, there's no easy way to glean information about the original input.
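
An added example, not part of the original question or answers: it shows two users with the same password getting different stored hashes, and verification reading the salt back out of the stored string. The sample password, the cost of 10, and the helper names parseBcrypt and check are assumptions made for this illustration.

```php
<?php
// Added example. The password, names and cost value are constructed.

// Split a 60-character bcrypt string into the fields it stores in the clear.
function parseBcrypt(string $stored): array
{
    $re = '/^\$(2[abxy])\$(\d{2})\$([.\/A-Za-z0-9]{22})([.\/A-Za-z0-9]{31})$/';
    if (!preg_match($re, $stored, $m)) {
        throw new InvalidArgumentException('not a bcrypt hash');
    }
    return ['variant' => $m[1], 'cost' => (int) $m[2], 'salt' => $m[3], 'digest' => $m[4]];
}

// Print a labelled pass/fail line for one condition.
function check(string $label, bool $ok): void
{
    printf("[%s] %s\n", $ok ? 'ok' : 'FAIL', $label);
}

$password = 'correct horse battery staple';   // constructed sample password
$options  = ['cost' => 10];                   // assumed cost, lower than the question's 13

// Two users pick the same password; password_hash() draws a new random salt per call.
$alice = password_hash($password, PASSWORD_BCRYPT, $options);
$bob   = password_hash($password, PASSWORD_BCRYPT, $options);
$a = parseBcrypt($alice);
$b = parseBcrypt($bob);

foreach (['alice' => $a, 'bob' => $b] as $user => $f) {
    printf("%-5s cost=%d salt=%s digest=%s\n", $user, $f['cost'], $f['salt'], $f['digest']);
}

check('same password, different salts', $a['salt'] !== $b['salt']);
check('same password, different digests', $a['digest'] !== $b['digest']);

// Verification reads the cost and salt back out of the stored string.
check('alice verifies', password_verify($password, $alice));
check('bob verifies', password_verify($password, $bob));
check('wrong password rejected', !password_verify('wrong guess', $alice));

// With crypt(), as in the question: the stored hash is passed as the salt argument.
check('crypt() with own salt reproduces hash', hash_equals($alice, crypt($password, $alice)));
check("crypt() with bob's salt does not match alice", !hash_equals($alice, crypt($password, $bob)));
```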




Answer 2:


Salting a hash is a means to strengthen the hash against attacks that might allow the hash to be reversed into its original value, while the hash is being sent between hosts online. In that scenario, an eavesdropper could capture the hash, but without knowledge of the salt value, would never be able to reverse the hash regardless of technique.



Source: https://stackoverflow.com/questions/13037271/the-point-with-the-salt-in-bcrypt
