Bill: Perhaps there is a vulnerability in something else, like a PHP script you use to show source code, that allows attackers to get the file. You want to make sure the file is useless to people, even if they have it, which I think is the worst-case scenario.
They might not be able to download all files this way, as the program might be restricted to showing ASCII files; so they will be able to view your password file but not, say, the binary files stored on your server in the passworded area that they want to get to.

Never hurts to fix those things, really. It doesn't negatively impact performance in a noticeable way, and the security benefits dramatically outweigh the costs.

Cheers,

Jonathan

On Wed, May 20, 2009 at 6:05 PM, Bill Ward <[email protected]> wrote:
>
> On Wed, May 20, 2009 at 2:55 PM, Jonathan Yu <[email protected]> wrote:
>>
>> Bill:
>>
>> To clarify why a salt is necessary, consider the classic time-space
>> tradeoff. Let's say I know that your password is exactly 8 characters
>> long and I know all of the possible characters it could be. So let's
>> say it's alphanumeric (a-z, A-Z, 0-9, hyphen, period, underscore) -
>> that's 26+26+10+3 = 65 possible combinations per character.
>>
>> Then you'd only have to generate a hash 65^8 = 318644812890625 times,
>> which for faster computers these days shouldn't take too long. Still,
>> it takes a lot of time, so you can store it all in a database (i.e.,
>> Rainbow Table). So if you map a bunch of arbitrary plaintexts and
>> calculate their hash, you can look up the hash and figure out what
>> text was used to generate that hash. Thus, you've either figured out
>> the password or an MD5 collision thereof; in either case, you'll be
>> able to log in.
>>
>> There are web sites that specialize in that sort of thing. So having a
>> 2-byte salt can really help stop those attacks, or at least make the
>> amount of space needed infeasible (since every different 2 character
>> salt will require you to generate an entirely different rainbow
>> table).
>>
>> For most uses it's probably unnecessary, however, if you can harden
>> security with just a few extra lines of code, why not?
>
> Yeah, but how would you get the MD5 hash without already having access to
> the database behind the web site, in which case the farm has already been
> given away? Still, it's not hard to add.
>
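The time-space tradeoff Jonathan describes above, shown in runnable form. This is an added example and not code from the thread: it builds a complete hash-to-plaintext lookup table over a deliberately tiny, constructed password space (4-digit PINs rather than the 65^8 space in the mail), shows that an unsalted MD5 is recovered instantly from that table while a salted one is not, shows that verification still works because the salt is stored alongside the hash, and reproduces the sizing arithmetic from the mail. The `salt$hash` storage format and the two-character salt are assumptions made here for illustration; MD5 is used only because that is what the thread discusses.

```python
import hashlib
import itertools
import secrets
import string
from typing import Dict, Optional

# Constructed toy password space: 4-digit PINs, small enough to enumerate
# in full. The thread reasons about a 65-character alphabet and 8-character
# passwords; the arithmetic for that case is in table_entries_needed().
PIN_ALPHABET = string.digits
PIN_LENGTH = 4

# Alphabet assumed for the salt: the 65 characters named in the mail.
SALT_ALPHABET = string.ascii_letters + string.digits + "-._"


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def build_lookup_table() -> Dict[str, str]:
    """Precompute hash -> plaintext for every PIN (a simplified stand-in for
    a rainbow table: same purpose, no chain compression)."""
    candidates = ("".join(t) for t in itertools.product(PIN_ALPHABET, repeat=PIN_LENGTH))
    return {md5_hex(pw.encode()): pw for pw in candidates}


def store_unsalted(password: str) -> str:
    """The weak scheme: a bare MD5 of the password."""
    return md5_hex(password.encode())


def store_salted(password: str, salt: Optional[str] = None) -> str:
    """Assumed storage format 'salt$hash' with a random 2-character salt.
    The salt is not secret; it only makes the hash input unique per record."""
    if salt is None:
        salt = "".join(secrets.choice(SALT_ALPHABET) for _ in range(2))
    return f"{salt}${md5_hex((salt + password).encode())}"


def verify_salted(stored: str, candidate: str) -> bool:
    """Login check: re-derive the hash using the salt kept in the record."""
    salt, digest = stored.split("$", 1)
    return md5_hex((salt + candidate).encode()) == digest


def recover_from_table(table: Dict[str, str], stored: str) -> Optional[str]:
    """What an attacker holding the password file and a precomputed table
    gets back: the plaintext for unsalted records, nothing for salted ones,
    because the table was built over passwords, not over salt+password."""
    digest = stored.split("$", 1)[-1]
    return table.get(digest)


def table_entries_needed(alphabet_size: int, length: int, salt_chars: int = 0) -> int:
    """Hashes a full table must hold. With a salt, one table is needed per
    salt value, multiplying the work by alphabet_size ** salt_chars."""
    return alphabet_size ** length * alphabet_size ** salt_chars


if __name__ == "__main__":
    table = build_lookup_table()
    print("table entries:", len(table))
    print("unsalted lookup:", recover_from_table(table, store_unsalted("4242")))
    print("salted lookup:", recover_from_table(table, store_salted("4242")))
    print("no salt, 65^8:", table_entries_needed(65, 8))
    print("2-char salt:", table_entries_needed(65, 8, 2))
```

Note that the salt defeats the precomputed table only; an attacker who already holds the password file can still hash guesses one record at a time, which is why a slow, purpose-built password hash rather than a fast digest is the usual recommendation today.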
