0

Edit: This question is not about what adding salt to a hash is, how to do it, nor how it increases security.

I wrote the following code:

<?php

    $salt = '';
    $salt_alphabet = str_split('aAbBcCdDeEfFgGhHiIjJkKlLmM.nNoOpPqQrRsStTuUvVwWxXyYzZ/');
    $salt_prefix = (version_compare(PHP_VERSION, '5.3.7') < 0) ? '$2a' : '$2y';

    foreach (array_rand($salt_alphabet, 20) as $alphameric) {
        $salt .= $salt_alphabet[$alphameric];
    }

    if (defined('CRYPT_BLOWFISH') and CRYPT_BLOWFISH) {
        echo crypt('thisisasuperpassword', $salt_prefix . '$07$' . $salt . '$$');
    }

?>

Which outputs a Blowfish hash like so:

$2y$07$acEfghiKL.OprtuwyYZ/$.j7uui28rXLPyAcDzGBfQbbvQL6a.kk2

If someone gets this hash, how is having the salt available in the hash itself secure?

People say Blowfish is the most secure encryption there is, but hash encryption like SHA-256 doesn't display what salt was used or not in the hash itself, which would seem to be more secure. Isn't the point of salt in hashing to add randomness to the hash, if you have the randomness as part of the hash, how can it still be more secure?

As with the hash above, "acEfghiKL.OprtuwyYZ/$" is the salt, plain as day, right there in the hash itself. All someone would have to do is add this salt to the values they already have in their rainbow table, hash database, or what have them, and there you go, the purpose of the salt is defeated.

Or is it not somehow?

As an example, once you load a database into an array all you'd have to do is:

<?php

    foreach ($hashes as $hash) {
        $salt = explode('$', $hash)[3];
        // Proceed to use the salt to crack the hash
    }

?>

This seems like a glaring security problem, how is it not?

Or what am I doing wrong?

Coffee'd Up Hacker
  • 1,356
  • 11
  • 23

2 Answers2

3

There are things, called rainbow tables. These are huge hash databases pre-generated with lots of passwords. If you don't add a salt, one can easily lookup your hash in a rainbow table and hack it in seconds.

Basically, instead of brute-forcing a password, all of those combinations that you'd use in brute-force are already in the database, optimized for super fast search. But once you add salt, that adds length and randomness to the password and makes it impossible to find in a rainbow table.

Marius
  • 3,976
  • 5
  • 37
  • 52
  • Wikipedia entry on rainbow tables : http://en.wikipedia.org/wiki/Rainbow_table – David Wilkins Apr 16 '14 at 17:55
  • I'm well aware of what adding salt to a hash value does and how it increases security, I'm not asking about that. Blowfish hashes include the salt, if someone, as you say, is using a hash database, they could easily add each hashes salt to each value in the database and they'd be back to just looking up the hash in their database. Which seems to defeat the purpose of the salt all together. My question is: "Is that assumption wrong?" – Coffee'd Up Hacker Apr 18 '14 at 05:50
  • Wrong. I will repeat myself, since i might have not explained it clear enough: rainbow tables are limited - they only contain a relatively small number of hashes. They are ok for common password hashes or for hashes of words up to some number of characters. BUT AS SOON AS YOU HASH A PASSWORD WITH SALT - rainbow table will NOT LONGER have such hash present. ALSO: you CAN'T add salt to a hash in rainbow table - salt is added BEFORE hashing operations - NOT AFTER. So in order to look up a salted password you need to regenerate the entire rainbow table with the salt added to every combination. – Marius Apr 18 '14 at 11:10
  • A hash database will contain the non-hashed values as well. With Blowfish you can add the salt to the non-hashed values super easy and that defeats the purpose. For example a password of "1234" hashed as Blowfish with the above code is "$2a$07$acEfghiKL.OprtuwyYZ/$ecRuoVMd57956GZZ5B.DTWYaeK57wmti" all someone has to do to figure out the password is check if crypt('1234', '$2a$07$' . $salt) === $hash. How is that more secure than SHA-256 where the salt isn't shown? – Coffee'd Up Hacker Apr 21 '14 at 11:49
  • You've just answered your own question. A rainbow table WILL contain the hash of '1234', but it will NOT CONTAIN the hash of '1234' + salt. And that defeats any hope of looking up for a password in it. You can still find the password by using crypt() as you suggested, but that is called brute forcing and it has nothing to do with rainbow tables. Salts are not meant to protect you against that. If you do it your way though, you might need millions of years to detect the password, while a non-salted password could be looked up in a rainbow table super fast. – Marius Apr 21 '14 at 15:00
0

Blowfish is encryption, sha is hashing. The big difference is that encryption is reversible while hashing is not supposed to be.

The same password will always result in the same hash, so you don't need to store the password anywhere.

If you add random strings to a password, then encrypt the result, the outcome will be not reproducable and your password is useless.

If you are salting the password for hashing, you add security, because what ever technique is used to reverse calculate the hash, all possible results will be the original password + salt But the salting has to be reproducable as well

Michel Feldheim
  • 17,625
  • 5
  • 60
  • 77