I have been searching around and I am still unsure of what a "salt" is and how to use/implement it. Sorry for the noobish question, I am self learning php.
-
http://en.wikipedia.org/wiki/Salt_(cryptography) – ceejayoz Apr 07 '11 at 16:46
-
http://www.php.net/manual/en/faq.passwords.php – Yasen Apr 28 '14 at 18:32
-
https://en.wikipedia.org/wiki/Salt Goes well with chips! – DreamTeK Aug 02 '18 at 14:22
6 Answers
I am definitely not an expert, but the really short answer is that "salting" a line of text means to stick a few extra characters on the end of it. You could salt "salt" with "abcdefg" to get "saltabcdefg". This might be useful if "salt" happens to be a password that you'd like to make more difficult to guess.
Typically, the password+salt are transformed ('hashed') by some difficult-to-reverse process into a completely different string. This transformed string is then stored as the password, together with the plaintext of the salt, and the original plain text of the password proper is tossed away. When you want to check that someone has input the correct password, you combine whatever they've typed in with the salt that's listed in the password file and then hash the result. If the result matches the password hash you have on record, then you know that they've put in the right password.
Implementing a salt can be as easy as picking a string to serve as the salt and then making sure you keep track of it. But, you could vary the salt with each password, and then you'll have to have a way of keeping track of password+salt combinations as well as generating the variations. Of course, you'll probably also want to hash the password rather than saving the password's plain text, and so you'll have to pick a hash function. At this point, the problem has proceeded from salting proper to implementing a password security scheme.
For PHP, you might want to look at how some of the frameworks have implemented this. Two quick links, for CakePHP and Zend, respectively:
http://www.jotlab.com/2010/04/18/cakephp-rainbow-table-protection-behaviour/
http://www.zimuel.it/blog/2009/07/build-a-secure-login-with-zend-framework/

-
Also, if the salt is stored in the database (different for each user), I'm guessing that it needs to be hashed along with the password. What's the best way to get the hashed salt back from the db to test it vs. the stored pw? Thanks – Drewdin Apr 07 '11 at 18:54
-
My impression is that the salt is stored as plain text. Hashing the salt along with the password would effectively require the user to type the password+salt in. However, having the salt in plain text is not so bad, because its primary purpose is to make it harder for people to attack password files with large tables of precomputed "this hash equals this password" values (i.e. rainbow tables). In other words, sure, an attacker could try to modify their approach based on the salt, but they would still have to recompute things from scratch. – Approximately Linear Apr 07 '11 at 23:22
-
[CakePHP article](https://web.archive.org/web/20170308143021/http://www.jotlab.com:80/2010/cakephp-rainbow-table-protection-behaviour) on webarchive, zend seems to be gone for good =( – Nov 22 '17 at 07:30
-
PHP's `password_hash()` function adds salt automatically... https://www.geeksforgeeks.org/how-to-secure-hash-and-salt-for-php-passwords/ – Elijah Mock Apr 16 '20 at 13:46
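The flow the answer describes, as an added example that is not part of the original answer or its comments: a per-user random salt stored in plain text beside the hash, and a login check that recombines the two. `register_user()` and `check_password()` are hypothetical names, `$users` is a constructed in-memory stand-in for a database table, and the closing lines show the built-in `password_hash()`/`password_verify()` pair from the last comment.

```php
<?php
// Added example, not code from the original answer: a per-user random salt,
// stored in plain text beside the hash, and a check that recombines them.
// register_user() and check_password() are hypothetical names; $users is a
// constructed in-memory stand-in for a database table.

$users = [];

function register_user(array &$users, string $username, string $password): void
{
    // 16 bytes from the CSPRNG, hex-encoded so the salt stores as plain text.
    $salt = bin2hex(random_bytes(16));
    // Salt + password go through the one-way function; the salt itself is
    // kept unhashed, since it must be re-read at login time.
    $users[$username] = [
        'salt' => $salt,
        'hash' => hash('sha256', $salt . $password),
    ];
}

function check_password(array $users, string $username, string $password): bool
{
    if (!isset($users[$username])) {
        return false;
    }
    // Recombine the typed password with the stored salt, hash, and compare.
    $candidate = hash('sha256', $users[$username]['salt'] . $password);
    // hash_equals() compares in constant time.
    return hash_equals($users[$username]['hash'], $candidate);
}

register_user($users, 'alice', 'hello123');
register_user($users, 'bob', 'hello123');   // same password, different salt

echo "alice, correct password: ";
var_dump(check_password($users, 'alice', 'hello123'));
echo "alice, wrong password: ";
var_dump(check_password($users, 'alice', 'hello124'));
echo "alice and bob share a hash: ";
var_dump($users['alice']['hash'] === $users['bob']['hash']);

// password_hash(), from the last comment above, does this bookkeeping itself:
// it draws the salt, embeds it in the returned string, and password_verify()
// reads it back; it also uses bcrypt, which is deliberately slow.
$stored = password_hash('hello123', PASSWORD_DEFAULT);
echo "password_verify: ";
var_dump(password_verify('hello123', $stored));
```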
When I first asked this question, many years ago, I was asked in response, "What does salt do for food?" The answer is that it adds variety to food. The idea behind cryptographic salt is that it's something you add to the end or beginning of a string in order that two passwords that are identical don't hash to the same cryptographic value.
Consider this - if I had a password that was really common, like 'hello123', and then it hashed to the exact same cryptographic hash as all other 'hello123' passwords, couldn't I just look in the list of hashed passwords to see who else had the same cryptographic hash, and use my password on their account?

-
The reason I ask is, wouldn't the same password with the same salt hash the same way? I'm going to read the links that were provided. Thanks – Drewdin Apr 07 '11 at 17:05
-
The same password with the same salt will hash the same way, yes. Some folks do per-user salts for added security. Even a shared salt dramatically increases security though - the chances of someone having a pregenerated list of salted hashes for your particular salt is small. – ceejayoz Apr 07 '11 at 17:09
A salt is a (short) string that is added to the string you want to encrypt or hash. An example:
```php
<?php
$password = 'abcdefg';
$salt = 'anythingyouwant_';
// The salt is prepended to the password and the combined string is hashed;
// md5 is the poster's choice of hash function.
$pw_hash = md5($salt.$password);
?>
```
This adds security to the hash, as it's unlikely that "anythingyouwant_abcdefg" is already stored in a hash-database ( http://en.wikipedia.org/wiki/Rainbow_tables )

-
But still 'abcdefg' can be easily guessed, so, no salt will help. – Your Common Sense Apr 07 '11 at 17:21
-
Of course it can be guessed. The salt is only helping if the hash is exposed (for example if I get access to your database with user login credentials). If I know the hash for 'abcdefg' (which isn't hard to guess), I can start looking for this hash in your database. But as I don't know the salt you are adding, I won't be able to find the corresponding password. – stlvc Apr 07 '11 at 19:06
-
-
There are certain passwords that are often used by users, like "applejuice", "abcdefg", "ball" etc. You can simply hash those passwords for yourself, so you get the hash of these passwords. The salt however is added to those passwords by yourself, so only you know the salt. – stlvc Apr 07 '11 at 19:29
-
**If the hash is exposed**, the salt is most likely being exposed too. So, no salt will help a weak password. – Your Common Sense Apr 07 '11 at 19:37
-
-
The hash of the password+salt is exposed if the attacker has access to your database. But you are not saving the salt in your database. You either choose a salt that you hardcode into your php script, or (which is better) generate it dynamically (for example by hashing a users sign up date). Salting a password is only kind of a "last hope" if your database is accessed by bad guys. – stlvc Apr 07 '11 at 19:47
-
What? Generate it dynamically, and what's next? How is it supposed to compute the same hash again with no salt? – Your Common Sense Apr 07 '11 at 19:56
-
In the example I've mentioned above, you simply fetch the sign up date of the user, hash/encrypt it like you did for saving the password, add this to the password the user has entered in the login form and hash that again. Et voilà, you get the matching hash (if the user entered the correct password, of course). – stlvc Apr 07 '11 at 19:59
-
So, you're using the signup date as a salt and store it in the database. That's what I said - the salt is being exposed at the same time as the hash. – Your Common Sense Apr 07 '11 at 20:03
-
Hash the signup date, trim it to 5 digits, reverse it, etc. You don't store the salt. How can I know that you are using the signup date? And how can I know what you are doing to the signup date within your PHP application to generate a salt from it? You will NEVER EVER have access to the salt if you don't have access to the source code of the application. – stlvc Apr 07 '11 at 20:07
-
Never say never. You will NEVER EVER have access to the hash if you don't have access to the database. But we're supposing you have. Same goes for the code. – Your Common Sense Apr 07 '11 at 20:10
-
If the attacker has access to your server / code, you have other problems than salting passwords within your PHP application. Salting passwords adds a layer of security if your database has been hacked. It doesn't make your server 100% safe. – stlvc Apr 07 '11 at 20:13
-
Yes. That's why your password should be strong despite the salt. – Your Common Sense Apr 07 '11 at 20:14
-
This discussion was awesome and very helpful! I was asking myself these same questions last night, thanks guys! – Drewdin Apr 08 '11 at 13:36
Well, it's in the comments, thanks ceejayoz
http://en.wikipedia.org/wiki/Salt_(cryptography)
A salt is something you add to a string before you hash it; it adds another layer of security to passwords and the like.
-
-
And I'm giving you a +1 just because you should be one vote up thanks to Gordon :) – Cogicero Apr 07 '11 at 17:11
Let us spice up things a little by combining several algorithms for hashing, making a double hashing algorithm:
```php
<?php
$password = "myPassword";
// "Salt" built from the password itself plus a fixed key string.
$salt = sha1(md5($password)).'k32duem01vZsQ2lB8g0s';
// Final stored value: md5 of the password concatenated with that salt.
$password = md5($password.$salt);
```
As you can see, we first hashed the password using a double hashing algorithm (md5 and sha1) and concatenated it with a key to create the salt value. After that, we combined the real password with the generated salt value and hashed it again with md5. The advantage is that this way the salt value is random and it changes, making it nearly impossible to break. I mean, if you can wait for a million years and have a supercomputer on your hands, try to break it.

-
Sorry to say it, but you did nearly everything wrong here. MD5/SHA1 is way too fast; use a slow hash function like BCrypt or PBKDF2 instead. The salt loses its advantage entirely if it is derived from the password itself; there is not a single bit more randomness in it. The password used in the example, hashed with this algorithm, would be cracked within seconds with a decent cracker tool. If you are interested, then have a look at my [tutorial](http://www.martinstoeckli.ch/hash/en/index.php) about safely storing passwords. – martinstoeckli Apr 19 '14 at 17:50
-
Tutorial was very clear and thanks for your clear explanation. If we add our own key concatenation then the cracking possibility will decrease, I hope. -@martinstoeckli – Mahendra Jella Apr 21 '14 at 07:05
-
If you add the key this way, you add a pepper; this is an improvement because an attacker now needs privileges on the server. Though it doesn't make the salt any safer: it is still not random, and if the attacker knows the pepper, it is still derived from the password. Furthermore, there is a better way to add a server side secret; have a look at the last part of the tutorial about encrypting the hash. – martinstoeckli Apr 21 '14 at 13:07
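The point raised in the comments above, as an added example that is not the answer's own code: a "salt" computed from the password adds no randomness, so two accounts with the same password end up with identical hashes, while a per-user random salt with a slow function (PBKDF2 here, as the comment suggests) does not. `derived_salt_hash()` reproduces the answer's scheme; `random_salt_hash()` and both function names are hypothetical.

```php
<?php
// Added example, not the answer's own code: derived_salt_hash() reproduces
// the scheme above, where the "salt" is computed from the password itself;
// random_salt_hash() uses a per-user random salt with PBKDF2, the slow
// function the comment recommends. Both function names are hypothetical.

function derived_salt_hash(string $password): string
{
    // Every value here is a pure function of $password, so the same password
    // always produces the same salt and the same final hash.
    $salt = sha1(md5($password)) . 'k32duem01vZsQ2lB8g0s';
    return md5($password . $salt);
}

function random_salt_hash(string $password): array
{
    // 16 random bytes per account: the hash now depends on data that cannot
    // be recomputed from the password alone, and PBKDF2 with 100000
    // iterations makes each guess costly (password_hash() is the usual
    // choice in PHP and does the same job with bcrypt).
    $salt = bin2hex(random_bytes(16));
    $hash = hash_pbkdf2('sha256', $password, $salt, 100000, 64);
    return ['salt' => $salt, 'hash' => $hash];
}

// Constructed sample: two accounts that happen to share a password.
echo "derived salt, same password, identical hashes: ";
var_dump(derived_salt_hash('myPassword') === derived_salt_hash('myPassword'));

$alice = random_salt_hash('myPassword');
$bob   = random_salt_hash('myPassword');
echo "random salt, same password, identical hashes: ";
var_dump($alice['hash'] === $bob['hash']);
```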
For some reason, salts are usually hard for people new to cryptography to grasp. Once it clicks, though, the concept is extremely simple. Have a look at this article. I think it explains the concept better than most.
https://web.archive.org/web/20140430053616/http://cryptodox.com/Salt_(cryptography)
