Re: Salt - a substitute for bad passwords?

Didrik Madheden didrik at kth.se
Wed May 23 12:13:21 CEST 2007


On 23/05/07, Alexander Boström <abo at stacken.kth.se> wrote:
> > 2, Is salt used in Kerberos?
>
> I think so. It may depend on which crypto algorithms are used, etc.
Cut and pasted from an e-mail from Harald.

http://www.faqs.org/faqs/kerberos-faq/general/section-25.html

# In Kerberos 4, a salt was never used. The password was the only input to the
# one-way hash function. This has a serious disadvantage; if a user happens to
# use the same password in two Kerberos realms, a key compromise in one realm
# would result in a key compromise in the other realm.
#
# In Kerberos 5 the complete principal name (including the realm) is used as
# the salt. This means that the same password will not result in the same
# encryption key in different realms or with two different principals in the
# same realm.

/Didrik Madheden

-----BEGIN 2ROT13 MESSAGE-----
Low Bitrate Netlabel: <http://f-label.tojt.net/>
Electronic music forum:
<http://oxo-unlimited.com/forums>
Put on a pair of flip-flops, wiggle your butt
and make this a memorable summer!
-----END 2ROT13 MESSAGE-----
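
The effect the quoted FAQ describes, as an added example that is not part of the original message or of any Kerberos implementation: keys derived without a salt collide wherever a password is reused, while the Kerberos 5 default salt (realm followed by the principal name components) separates them. Assumptions: the PBKDF2-HMAC-SHA1 step of the RFC 3962 AES string-to-key stands in for the one-way function in both cases (Kerberos 4 actually used a DES-based function, modelled here only by an empty salt), the final key-derivation step is omitted, and the accounts and passwords are constructed sample data.

```python
import hashlib
from collections import defaultdict

ITERATIONS = 4096  # default iteration count in RFC 3962


def default_salt(realm, components):
    """Kerberos 5 default salt: the realm followed by the principal name
    components, concatenated with no separators."""
    return (realm + "".join(components)).encode("utf-8")


def stretch(password, salt, length=16):
    """PBKDF2-HMAC-SHA1 step of the RFC 3962 AES string-to-key.
    The final DK() step is left out, so this is not a usable Kerberos
    key; it only shows what the salt changes."""
    return hashlib.pbkdf2_hmac("sha1", password.encode("utf-8"),
                               salt, ITERATIONS, length)


def shared_keys(accounts, salted):
    """Group accounts by derived key; return the groups that collide."""
    groups = defaultdict(list)
    for realm, components, password in accounts:
        # Assumption: the unsalted (Kerberos 4 style) case is an empty salt.
        salt = default_salt(realm, components) if salted else b""
        name = "/".join(components) + "@" + realm
        groups[stretch(password, salt)].append(name)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


# Constructed sample data: (realm, principal components, password).
ACCOUNTS = [
    ("EXAMPLE.ORG", ["alice"], "correct horse"),
    ("EXAMPLE.NET", ["alice"], "correct horse"),  # same user, second realm
    ("EXAMPLE.ORG", ["bob"], "correct horse"),    # same password, same realm
    ("EXAMPLE.ORG", ["carol"], "another one"),
]

if __name__ == "__main__":
    print("unsalted:", shared_keys(ACCOUNTS, salted=False))
    print("salted:  ", shared_keys(ACCOUNTS, salted=True))
```
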

