78

I have read up on these two topics, and I can't seem to quite grasp the difference between salting and noncing hashes.


3 Answers

75

A salt is a non-secret, random value that's used to ensure that the same plaintext will not consistently hash to the same output value; it's used to prevent precomputation attacks such as Rainbow Tables.

A nonce ("number used once") is a value, typically randomly generated, that's associated with a message in a cryptographic scheme, and must be unique within some specified scope (such as a given time interval, or a session). It's typically used to prevent replay attacks.

Nonces and salts are similar and serve related purposes, but aren't identical. Both are typically randomly generated, not secret, and serve to prevent attacks that would otherwise be possible against the system. They differ mainly in the context in which they're used, and in the consequences of repeats - a duplicate salt is unimportant, but a duplicate nonce can have dire consequences.


4 Comments

@DarkSquirrel42 Good point. I tried to think of a situation in which a nonce would need to be secret, but couldn't immediately think of one.
As this is stackoverflow, I'll point out that since a NONCE is a number, you need to know the way the number is encoded (translated into a sequence of bytes) before using it in a cryptographic protocol. Mostly it is just a static number of bytes (for random NONCEs) but it does not need to be.
@owlstead You always need to know how your data is encoded, unless you're just treating it as a unit, which is the case for a nonce. Although the definition of "NONCE" includes "number", it needn't actually be one.
For using salt+nonce in a login authentication process, see this answer: stackoverflow.com/a/24978909/43615
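The answer above says a duplicate nonce "can have dire consequences" because the nonce is what lets a receiver tell a fresh message from a replayed one. The following is an added example, not code from the answer's author, showing that receiver-side check: the sender attaches a fresh 96-bit nonce and an HMAC-SHA256 tag over nonce||payload; the receiver verifies the tag and then refuses any nonce it has already accepted within the session. The session key, payloads and the choice of HMAC-SHA256 as the integrity mechanism are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Constructed demo key for the example only; a real deployment would
# derive or provision the session key through a proper key exchange.
SESSION_KEY = b"demo-session-key-not-for-production"


def make_message(key, payload):
    """Sender side: attach a fresh random nonce and a MAC over nonce||payload.

    The nonce is not secret; its only job is to be unique per message
    within the session so that the receiver can detect a replay.
    """
    nonce = secrets.token_bytes(12)
    tag = hmac.new(key, nonce + payload, hashlib.sha256).digest()
    return {"nonce": nonce, "payload": payload, "tag": tag}


class Receiver:
    """Receiver side: verify integrity first, then enforce nonce uniqueness.

    The scope of uniqueness here is 'this Receiver instance' (one session);
    a duplicate nonce inside that scope is treated as a replay and rejected.
    """

    def __init__(self, key):
        self.key = key
        self.seen_nonces = set()

    def accept(self, msg):
        expected = hmac.new(self.key, msg["nonce"] + msg["payload"],
                            hashlib.sha256).digest()
        # Constant-time comparison: a forged or corrupted message fails here.
        if not hmac.compare_digest(expected, msg["tag"]):
            return False
        # Nonce reuse within the session scope: this is the replay case.
        if msg["nonce"] in self.seen_nonces:
            return False
        self.seen_nonces.add(msg["nonce"])
        return True


def demo():
    """Returns (first_accepted, replay_accepted, tampered_accepted)."""
    receiver = Receiver(SESSION_KEY)
    msg = make_message(SESSION_KEY, b"transfer 10")
    first = receiver.accept(msg)                 # genuine message: accepted
    replay = receiver.accept(msg)                # same bytes resent: rejected
    tampered = dict(msg, payload=b"transfer 99")  # payload edited, tag stale
    forged = receiver.accept(tampered)           # MAC mismatch: rejected
    return first, replay, forged


if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

Note the ordering in `accept`: the MAC is checked before the nonce is recorded, so an attacker cannot pollute the seen-nonce set with unauthenticated junk and cause legitimate messages to be refused. In a long-lived session the set would be bounded by a sliding window or by using a monotonically increasing counter as the nonce, but the uniqueness rule is the same.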
16

nonce = number used once. If you generate a unique salt for each bit of data you're hashing, then it's essentially a nonce as well.

4 Comments

Then the nonce must be available to both parties if they are using it for encryption instead of hashing, correct?
Yep. In that case, the nonce would be a part of (if not the entirety of) the initialization vector.
A primary key on a database is technically a nonce. I think he means a cryptographic nonce...
There is no such thing as a "cryptographic" NONCE; if you have a single source of values, you may as well use a serial number, for instance. You can have a random nonce, and if you don't compare nonces, the random number should be large enough.
14

Hashing is a one-way process, unlike encryption (where, using a key, we can decrypt). The output is of fixed size, and slight changes in the data produce an entirely new hash value. It is like a fingerprint. Examples: MD5, MD6, SHA-1, SHA-2 and so on.

Storing passwords in a database in hashed form is also not safe against rainbow tables, dictionary attacks and brute force (GPUs can compute billions of hashes per second). To avoid these issues we need to use a salt.

A salt (a random number) is used so that the same password does not always generate the same key, i.e. a salt is simply added to make a common password uncommon.

A salt is something we add to our hash to prevent rainbow attacks using rainbow tables, which are basically just huge lookup tables that convert hashes to passwords, as follows:

dffsa32fddf23safd -> passwordscrete
f32ksd4343fdsafsj -> stackoverflow

So a hacker can find this rainbow table; to avoid this problem we have to store the hash of the combination of password and salt.

hash = hashFunction(password + salt)

A nonce (number used only once) does not need to be secret or random, but it must not be reused with the same key. It is used to prevent replay attacks (aka playback attacks).

hashing-vs-encryption

Comments
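The answer above describes a lookup table that maps hashes back to passwords and says a per-password salt defeats it. The following is an added example, not code from the answer's author, that makes both halves concrete: it builds a tiny constructed lookup table over unsalted SHA-256 digests, shows that an unsalted stored hash is found in it while a salted record is not, and shows that two users with the same password get different stored records yet both still verify. PBKDF2-HMAC-SHA256 is assumed as the salted slow hash, and the word list and passwords are constructed for the example.

```python
import hashlib
import hmac
import os

# Constructed word list standing in for the input to a precomputed table.
WORDLIST = [b"password", b"stackoverflow", b"letmein", b"qwerty"]

# Work factor for PBKDF2; high enough to be slow per guess, low enough
# that this demo runs quickly. Production values should be tuned upward.
ITERATIONS = 200_000


def build_lookup_table(words):
    """Precompute unsalted SHA-256 digest -> candidate password.

    This is the 'huge lookup table' the answer describes, in miniature:
    it only works because every user with the same password gets the
    same unsalted hash, so one table serves every stored hash.
    """
    return {hashlib.sha256(w).hexdigest(): w for w in words}


def lookup(table, digest_hex):
    """Reverse a digest via the table; None if no entry matches."""
    return table.get(digest_hex)


def store_password(password, salt=None):
    """Defender side: hash = slowHash(password, salt) with a fresh random salt.

    Returns (salt, derived_key). The salt is stored alongside the key in
    clear; it is not a secret, it only has to be unique per record.
    """
    if salt is None:
        salt = os.urandom(16)
    derived = hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS)
    return salt, derived


def verify_password(password, salt, stored):
    """Recompute with the stored salt and compare in constant time."""
    derived = hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS)
    return hmac.compare_digest(derived, stored)


def demo():
    """Returns (table_hit, same_record, salted_hit, verify_ok, verify_wrong)."""
    table = build_lookup_table(WORDLIST)

    # Unsalted storage: the digest is in the precomputed table.
    unsalted = hashlib.sha256(b"stackoverflow").hexdigest()
    table_hit = lookup(table, unsalted)          # b"stackoverflow"

    # Salted storage: two users, same password, different records.
    salt1, rec1 = store_password(b"stackoverflow")
    salt2, rec2 = store_password(b"stackoverflow")
    same_record = rec1 == rec2                   # False
    salted_hit = lookup(table, rec1.hex())       # None: table is useless

    # Verification still works because the salt is stored with the record.
    verify_ok = verify_password(b"stackoverflow", salt1, rec1)      # True
    verify_wrong = verify_password(b"Stackoverflow", salt1, rec1)   # False
    return table_hit, same_record, salted_hit, verify_ok, verify_wrong


if __name__ == "__main__":
    print(demo())  # (b'stackoverflow', False, None, True, False)
```

Two points the code makes that the prose only implies: the salt buys nothing unless it is unique per record (a site-wide constant would just mean building one new table), and the slow hash is what makes per-record guessing expensive once the table is gone. A duplicate salt, unlike a duplicate nonce, breaks nothing functionally: `verify_password` would still succeed for both users, they would merely share a record that a single set of guesses could test.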
