Static Salt vs Random Salt - Security PHP

2020-02-25 23:43发布

问题:

Is there any working difference between

$hash=sha1($key.$staticSalt);  

and

$hash=sha1($key.$randomSalt);  

If i use random salt i need to store the random salt in the database, on the other side if i use a fixed salt then no need to use DB !
And if the code can be hacked to see the salt (static) then the hacker will be able to see the database also with the hash and random salt :D
So does it worth it ?
What if i use a salt like @#kiss~89+.&&^me ?

回答1:

Random salts have a tremendous benefit. If all accounts in the system use the same salt, an attacker can brute-force calculate hashes for that salt and break into all accounts with just one computational run. If they use different salts per account, brute-force only gets you into one account.



回答2:

While best practice for password storage dictates that they should be stored in a hashed format with a unique salt, the original question actually raises a reasonably good point: if you store the salt in a different location to the hashes, the impact of those hashes being disclosed is lowered.

1) If the passwords were only hashed, and stored in a database, and the site suffered from SQL Injection then an attacker could "crack" the hashes

2) If the passwords were hashed with a salt, and the both hash and salt were in the database, and the site had SQL Injection then an attacker could "crack" the hashes, but would require more computational effort (as there is no performance boost from pre-computed tables)

3) If the passwords were hashes with a salt, and the salt was stored elsewhere, then SQL Injection would afford an attacker little leverage to ascertain the actual password.

Scenario 1 is obviously weakest, but the difference in security between 2 and 3 is less clear-cut, and depends on the relative probabilities of SQL Injection vs server-side code disclosure (and associated classes of vulnerability).

What do you trust more - your ability to protect against SQL Injection, or the ability of Apache/PHP/Whatever to protect your server-side content.

Things are never simple and I actually think the idea in the OP makes more sense than other answers give credit for.

(You could use both, a salt stored in database and a "key" if you like stored in the web app source, when generating passwords).



回答3:

A salt is be random by definition; there is no such thing as a 'static salt'. If it is not random, it's not a salt but a key.

The point of the salt is to make sure the attacker has to mount a separate attack for each password he/she wants to crack. In other words, the point of salting a hash is to prevent precomputation attacks (rainbow tables).

The easy solution for getting it right is to use a standard library instead of cutting corners



回答4:

Always use random salt for each password.

If you don't then the benefit of having the salt is lost. If you use the same salt , then in the case if website gets compromised , the hacker can use same hash table for hacking all the passwords in your userlist. If salt is random , then he has to have new hashtable for each user.



回答5:

I 'm not sure if you are salting correctly -- the purpose of a salt is to foil precomputed dictionary attacks if your database is compromised. Therefore you are using a database to begin with, so what does your "no need to use the DB" comment mean?

If you are not using a random salt, then you don't make it more difficult for the attacker to attack your hashes if they get their hand on the salt. You will be better off using a random salt -- you won't need to keep it hidden for your security to work.

The salt also does not need to be long or unusual. "rK" is a good salt. "1q" is also good. Its purpose is simply to vary the output of the hash function.