On Oct 22, 2011, at 2:28 PM, Kevin Veroneau wrote: > Salt would be added obviously as with most hashing, the secret salt(which > should be very complex) would be appended to both sides of the IMEI halves, > or for example: last IMEI half+complex salt+first IMEI half. The salt can > either be a static application salt(such as what some web app frameworks like > django do), or built from the user's name/information. Salt is must when > using hashes, or yes, it will make the hash rather easy to reverse. For a > even more complex hash: salt1+last IMEI half+salt2+first IMEI half+salt3. > > If these salts are at least 256 bits, it will increase the security by a > large number. I'd like someone to try cracking a random string from > /dev/urandom combined with the IMEI. All in all, the person doing the brute > force attack will need to know how it was hashed in the first place, and > there are many ways to add to salt to a hash, be creative. :)
This is still insecure. Salts are typically stored in plaintext next to the output of the hash. They provide randomness to prevent the use of a predefined codebook of hashes. If you don't communicate the salt to the server in plaintext, how does the server compute the hash? Assuming you send the salt in plaintext, being creative with the ways of applying the salt to the hash is security by obscurity and will be broken pretty easily (you are basically making up your own cryptographic algorithm). You must assume your adversary can decompile your application. If the salt is known to the server without being delivered in plaintext, you are using it as a shared cryptographic key. If you have a shared key, you can use an HMAC for authentication. However, as discussed several times on this list, it is a poor assumption to assume that someone cannot decompile your code to retrieve the shared key. As Chris indicated in his email, the IMEI is a poor authenticator. It has low entropy and should not be used as a cryptographic key or to bootstrap authentication. -Will -- William Enck Assistant Professor Department of Computer Science North Carolina State University Email: [email protected] Web: http://www.enck.org -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
