Re: Putting passwords in a properties file?

From:
Arne Vajhøj <arne@vajhoej.dk>
Newsgroups:
comp.lang.java.programmer
Date:
Wed, 30 Sep 2009 13:59:56 -0400
Message-ID:
<4ac39c9a$0$279$14726298@news.sunsite.dk>
Dave Searles wrote:

markspace wrote:

Dave Searles wrote:

It seems to me that if you have the hash and the salt, and know the
algorithm for convolving the password with the salt, then you can
still carry out a dictionary attack.


A dictionary attack pre-computes the hash, and then just scans the
password file for a simple string match. The salt defeats this,
because each bit in the salt doubles the storage needed for the
dictionary.

<http://en.wikipedia.org/wiki/Salt_%28cryptography%29>

You're right in that if the password itself is weak and could be
guessed, then all bets are off.


As Tom explained, the salt does not make any single password harder to
crack, but it does slow down an attack aimed at getting all (or the
first) dictionary-vulnerable password.

I was thinking in terms of protecting a particular targeted account
(yours, say, or the superuser account), while you two were apparently
thinking more of protecting all of the accounts in some statistical sense.


No no no.

The use of salt makes all dictionary attacks more difficult, because
it invalidates pre-calculated dictionaries.

Use of different salts per user makes it more difficult to find
one among many passwords.

Arne
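
The two effects described in this post, shown as an added Python example that is not part of the original thread: a table hashed in advance stops matching once any salt is used, and per-user salts force the word list to be re-hashed for every account. The word list, user table and function names are constructed for illustration.

```python
import hashlib
import os

# Constructed sample data (not from the thread): a tiny word list and user table.
WORDLIST = ["123456", "password", "letmein", "qwerty", "dragon"]
USERS = {"alice": "letmein", "bob": "Tr0ub4dor&3", "carol": "letmein", "dave": "qwerty"}


def h(salt: bytes, password: str) -> str:
    # Plain SHA-256 keeps the demo short; real password storage should use a
    # slow KDF such as hashlib.pbkdf2_hmac or hashlib.scrypt.
    return hashlib.sha256(salt + password.encode()).hexdigest()


def build_store(scheme: str) -> dict:
    """Return {user: (salt, hash)} for scheme 'none', 'global' or 'per_user'."""
    shared = {"none": b"", "global": os.urandom(16)}.get(scheme)
    store = {}
    for user, pw in USERS.items():
        salt = os.urandom(16) if scheme == "per_user" else shared
        store[user] = (salt, h(salt, pw))
    return store


def audit(store: dict) -> tuple:
    """Measure what a dictionary check costs against one stored table.

    Returns (hits_from_precomputed_table, weak_accounts, hash_computations).
    """
    # Table hashed in advance, before any salt could be known.
    precomputed = {h(b"", w) for w in WORDLIST}
    precomputed_hits = sum(1 for _, digest in store.values() if digest in precomputed)

    # Once the salts are known, the word list is re-hashed once per distinct salt.
    tables = {}
    weak = []
    for user, (salt, digest) in store.items():
        if salt not in tables:
            tables[salt] = {h(salt, w) for w in WORDLIST}
        if digest in tables[salt]:
            weak.append(user)
    return precomputed_hits, sorted(weak), len(tables) * len(WORDLIST)


if __name__ == "__main__":
    for scheme in ("none", "global", "per_user"):
        print(scheme, audit(build_store(scheme)))
```

The weak accounts are found under every scheme, which matches the thread's point that a guessable password stays guessable; what changes is whether precomputation helps and how much hashing the search costs.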
