Hashing, Salting, Signatures

Algorithims that produce a hash using a private key and some stored random “salt”

Salting

Improves the security of hashes because pre computed rainbow tables can’t be used. However the effectiveness is arguably becoming less over time as new rainbow tables can be computed faster using FPGA’s and salting.

Storing Passwords

On systems at any risk of hacking you should be storing a “Salted Hash” of a users password, not the actual password. It should be impossible for you to tell a user what their password actually is from the information you store – that is what a slated hash does.

Dealing with mistyped passwords

Some sites apparently store a few salted hashes of user entered passwords at the time of generating the salted hash, with common miss-typed versions of what was entered. They then validate the hash of a user entered password in the future against them all. Quite a nice trick!

Hash Signatures

Algorithims (e.g. SHA256) that produce a hash using a private key that can then be verified using a public key.

What to use (updated 2024-10): SHA2/SHA3/BLAKE2/BLAKE3 are all good. Don’t use sha1/md5 as they are no longer cryptographically secure or xxhash/crc32 as they are not intended to be cryptographically secure.

USEFUL?
We benefit hugely from resources on the web so we decided we should try and give back some of our knowledge and resources to the community by opening up many of our company’s internal notes and libraries through mini sites like this. We hope you find the site helpful.
Please feel free to comment if you can add help to this page or point out issues and solutions you have found, but please note that we do not provide support on this site. If you need help with a problem please use one of the many online forums.

Comments

Your email address will not be published. Required fields are marked *