1

I am salting newly created passwords before hashing them with an encryption algorithm. I generate my salts using a random number function.

Are you compromising security if your salts are only comprised of numbers (with no letters) or does this make no difference at all?

Lloyd Banks
  • 35,740
  • 58
  • 156
  • 248
  • http://stackoverflow.com/q/4983915/10396 answers most common questions about salting passwords. – AShelly Jan 08 '13 at 15:13
  • Also of interest: http://security.stackexchange.com/questions/16117/in-hashing-does-it-matter-how-random-a-salt-is/16119 – msanford Jan 08 '13 at 15:16
  • Unfortunately, neither of these 2 posts talks about the added security (if any) of having a salt with both numbers and letters – Lloyd Banks Jan 08 '13 at 15:30

1 Answer

1

A salt should be unique (ideally for every password in the world), and unpredictable. The best you can do with a deterministic computer is to get a random number and hope that the returned value is nearly unique. So the more possible combinations you have, the bigger the chance that the salt is unique.

Some hash algorithms define a number and an alphabet of accepted characters. PHP's BCrypt for example, expects a salt containing 22 characters from this alphabet:

./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz

You get the most possible combinations using all characters of the alphabet, and not only the characters 0-9. Of course a longer salt with a small alphabet (0-9) can have as many combinations as a shorter salt with a big alphabet (0-9, a-z, ...).

To make it short, use all possible characters, and as many characters as your hash algorithm expects.

P.S: If you use a key-derivation function like BCrypt (and you really should), then you cannot salt the password before hashing; instead you have to pass the salt to the hash function.

martinstoeckli
  • 23,430
  • 6
  • 56
  • 87
  • I never heard of an unpredictability requirement for password hashes. And concerning more=better, after about 64 bits the gain becomes pretty small, and at around 128 bits increasing salt size won't help at all. – CodesInChaos Jan 08 '13 at 21:45
  • @CodesInChaos - You are right, that there is no need to make salts very long, that's why BCrypt only expects 22 characters (5.4E39 combinations), anyway I changed the text slightly. A salt should be unpredictable, because otherwise an attacker could make [precalculations](http://security.stackexchange.com/a/17480/8343). An extreme example would be an increasing salt starting with 1 (userid), and an admin account as the first account. – martinstoeckli Jan 08 '13 at 22:01
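The trade-off the answer describes (alphabet size versus salt length) and the postscript about passing the salt to the key-derivation function instead of prepending it can both be checked in a few lines. The following is an added example, not code from the answerer or from any library; it uses the 22-character BCrypt alphabet quoted above, draws salt characters from Python's `secrets` module (a CSPRNG, not `random`), and, because bcrypt is not in the standard library, uses `hashlib.pbkdf2_hmac` as a stand-in KDF that takes the salt as a parameter. The function names, the 100,000 iteration count and the sample password are assumptions made for the example.

```python
import hashlib
import math
import secrets

# The alphabet PHP's BCrypt accepts for its salt, as quoted in the answer (64 symbols).
BCRYPT_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
DIGITS = "0123456789"
BCRYPT_SALT_CHARS = 22

# Assumed work factor for the PBKDF2 stand-in; bcrypt would take a cost parameter instead.
PBKDF2_ITERATIONS = 100_000


def generate_salt(length: int, alphabet: str) -> str:
    """Build a salt by drawing every character from a CSPRNG.

    secrets.choice() is used rather than random.choice(): an attacker who can
    predict the salt can precompute tables for it, as the comment thread notes.
    """
    return "".join(secrets.choice(alphabet) for _ in range(length))


def combinations(length: int, alphabet: str) -> int:
    """Number of distinct salts of this length over this alphabet."""
    return len(alphabet) ** length


def salt_entropy_bits(length: int, alphabet: str) -> float:
    """Entropy of a uniformly drawn salt: length * log2(|alphabet|)."""
    return length * math.log2(len(alphabet))


def equivalent_length(bits: float, alphabet: str) -> int:
    """Shortest salt over `alphabet` that reaches at least `bits` of entropy.

    This is the 'longer salt with a small alphabet' case from the answer:
    digits only is not weaker per se, it just needs more characters.
    """
    return math.ceil(bits / math.log2(len(alphabet)))


def derive_key(password: str, salt: str) -> bytes:
    """Hand the salt to the KDF instead of concatenating it with the password.

    PBKDF2-HMAC-SHA256 stands in for bcrypt here; the point is the same:
    the salt is a separate input to the function, not part of the message.
    """
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt.encode("utf-8"),
        PBKDF2_ITERATIONS, dklen=32,
    )


def verify(password: str, salt: str, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return secrets.compare_digest(derive_key(password, salt), stored)


if __name__ == "__main__":
    for name, alphabet in (("bcrypt alphabet", BCRYPT_ALPHABET), ("digits only", DIGITS)):
        print(f"{name}: {BCRYPT_SALT_CHARS} chars -> "
              f"{combinations(BCRYPT_SALT_CHARS, alphabet):.2e} combinations, "
              f"{salt_entropy_bits(BCRYPT_SALT_CHARS, alphabet):.1f} bits")
    full_bits = salt_entropy_bits(BCRYPT_SALT_CHARS, BCRYPT_ALPHABET)
    print(f"digits-only salt matching {full_bits:.0f} bits needs "
          f"{equivalent_length(full_bits, DIGITS)} characters")

    salt = generate_salt(BCRYPT_SALT_CHARS, BCRYPT_ALPHABET)  # constructed per user
    stored = derive_key("correct horse battery staple", salt)  # sample password
    print("verify ok:", verify("correct horse battery staple", salt, stored))
    print("verify wrong:", verify("wrong password", salt, stored))
```

Running it shows that 22 characters from the 64-symbol alphabet give 64^22 = 2^132 (about 5.4e39) possible salts, the figure quoted in the comments, while 22 digits give only about 73 bits; a digits-only salt would need 40 characters to match. Whichever alphabet is used, the salt must be stored alongside the hash and supplied to the KDF again at verification time.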