Attempts to explain the need for salting passwords to an inexperienced cryptographer have been in my experience, futile. This is especially so when instead of providing a real world example, first an elaborate technical description is said, as is common online. I thought I would change this. This is how I explain salting to coworkers:
Life before salt
Let’s say we have 5 users
|row||Username||Password (Not stored!)||Hash|
Our attacker has already generated a hash table, this is his table
She gains access to our database. Let’s assume the following:
- Comparing two strings takes 0.1 seconds
- Generating a hash takes 0.5 seconds
Given this, she launches an attack.
attack- userDB row 1 matches hashDB row 2 (0.2 seconds) - userDB 2 matches hashDB none (0.5 seconds) - u3 = hnone (0.5 seconds) - u4 = h5 (0.5 seconds) - u5 = h3 (0.3 seconds)
In her attack, for each user, she tries each hash until one matches. As soon as a hash works, she moves onto the next user. This means that for passwords she does not have hashes of already she spends 0.5 seconds because her hash table has 5 entries and she needs to make sure the hash is not in that table. Sometimes, she finds a mashing hash fast, say in 0.2 seconds.
All in all, her attack took 2 seconds, and she walked away with 3 accounts.
Life after salt
Let’s modify our database to salt our passwords