How should we apply the salt to the password?

According to Wikipedia:

A rainbow table is ineffective against one-way hashes that include large salts. For example, consider a password hash that is generated using the following function (where “||” is the concatenation operator):
saltedhash(password) = hash(password || salt)
Or
saltedhash(password) = hash(hash(password) || salt)

Say I’m using Argon2(di) to store passwords. Should I use the second method or first method to hash passwords?
And as a more general question, which hash method is typically better in password storage situations? (What about other situations like HMACS?)

Is a Whirlpool hash with random salt secure enough?

I copied the title from another question, but it wasn’t answered there and my case is a bit different.

I have inherited an old website to maintain. I noticed that the password hashing is not up to modern best practices, but I would like to understand if it is reasonably safe or needs changing.

Here is the code that does the hashing:

public function changePW($  password) {     //     $  new_salt = $  this->random();     $  new_password = $  this->hash($  password, $  new_salt);     // }  public function random($  limit = 10, $  from = 32, $  to = 126) {     $  phrase = '';     for ($  i=0; $  i<$  limit; $  i++) {         $  phrase .= chr(rand($  from,$  to));     }     return $  phrase; }  // self::$  _salt is a constant 12 character string // of 3 words with some letters replaced by numbers public static function hash($  password, $  salt) {     return hash('whirlpool', self::$  _salt . $  password . $  salt); } 

Should I consider this procedure flawed/vulnerable for passwords of 8 characters and longer?

Is there any benefit to using a salt when the cleartext is random data?

I understand that using a salt makes it harder to find cleartext using rainbow tables – but in that scenario the clear text is structured / low entropy. If my clear text is generated randomly, then is there any benefit to using a salt?

The problem I am trying to solve is that of encrypting http session data serverside. I don’t want to persist the decryption key on the server, hence currently I am storing separate cookies for the session identifier and the encryption key at the client. But it occurred to me that if I just stored a single value (the decryption key) at the client, then use the hash of that key as the session identifier, then (in principle) the key cannot be derived from the information stored at the server.

Which road shall I take from Denver, CO to Salt Lake City, UT: I-80 or I-70 w/ US-6?

I’m interested in what route to take between Denver, Colorado and Salt Lake City, Utah, and vice-versa.

http://maps.google.com/maps?q=Denver,+CO++to++Salt+Lake+City,+UT

It would seem like there is one northern option and two southern options.

  • In the north, I-25 in Colorado to Wyoming, and then I-80 throughout Wyoming and into Utah.

  • In the south, I-70 in Colorado, then

    • either SH 13 and SH 64 in Colorado, and US-40 in Utah,
    • or, more I-70 / US-50, through Grand Junction, CO, and US-6 in Utah.

What’s the difference between these ways, and which one is better, or best avoided? I’m driving in the summer (June 2013); interested in a short route; a little scenery wouldn’t hurt; too much engine and tyre wear, bad roads and bad fuel economy is best avoided (driving own car), but high highway speeds are welcome; planning to drive in one or two days, possibly stopping along the highway to get some sleep (spots with night temperatures of around 20°C are welcome, and so are spots where you can get some shade during the daytime). Also, last, but not least, it wouldn’t hurt if the route has some T-Mobile USA UMTS, EDGE or GPRS coverage (without classified as roaming).

As far as Google Maps go, it seems like all three routes are roughly the same, in both the time and the distance, so, looking for some more feedback. For DEN⇆SLC, I’ve so far taken I-80 once when eastbound and I-70 w/ US-6 once when westbound (I’ve only had one SLC⇆DEN trip).

Best summer driving Route from Salt Lake City, Utah, to Houston Texas

We are driving a 1999 Toyota 4-runner with 200,000 miles from Salt Lake City, Utah to Houston, Texas in 24 hours. We will be having a 5×8 U-haul attached to the Toyota. We don’t know whether to go up I-80 to Laramie. Or go south on I-70 through the mountains to Denver. We cannot take a lot of mountain roads, because of the weight of the U-haul.

Best way to store salt in database using java

This is my account table:

CREATE TABLE mwUser (   username varchar2(20) primary key not null,    salt varchar2(64) unique not null,   hashedpw varchar2(64) not null,    email varchar2(320) unique not null  ); 

When I register a new user with my java webservice I automatically generate a random salt and store in the database base (see code below):

Connection c = dataSource.getConnection();  Statement stmt = c.createStatement(); boolean isFound=true; String randomSalt=""; while(isFound){    isFound=false;    String randomSalt=createRandomString(); //creates salt/random string    ResultSet rs = stmt.executeQuery("SELECT * FROM mvUser where salt="+randomString);    //check if salt is unique    while (rs.next()) {      isFound=true;    } }  Statement insertStmt = c.createStatement(); String hashedPW=hash(randomSalt+pw); //generates hashed pw ResultSet rs = stmt.executeQuery("INSERT INTO mvUser VALUES(.....));  stmt.close(); c.close(); 

But as you can see, from my point of view my code is not clean/performant/readable because I have two statements (for checking if salt is unique and and second statement is for inserting).

How can I automatically generate an unique string(salt) and hash it at the same time. I am trying to make my code more performant and read able.

Does putting salt first make it easier for attacker to bruteforce the hash?

Many recommendations for storing passwords recommend hash(salt + password) rather than hash(password + salt).

Doesn’t putting the salt first make it much faster for the attacker to bruteforce the password, because they can precompute the state of the hashing function with the bytes of the salt, and then each time of their billions and trillions attempts they only need to finish calculating the hash using the bytes of the password.

In other words, each bruteforce iteration needs to calculate only the hash of the password intermediateHashState(password) instead of the whole hash(salt + password).

And if the salt was placed after the password, the attacker wouldn’t have this shortcut.

Does this advantage exist and is it significant?

LUKS mitigate brute force attacks even if salt parameter is know?

From What users should know about Full Disk Encryption based on LUKS

In Linux world, LUKS implementations are based on cryptsetup and dm-crypt.  In  order  to  mitigate  the  problem  of  brute  force  attacks based  on  weak  user  passwords,  LUKS  combined  the  ideas  of  salt and key derivation function (i.e., PBKDF2). Because salt parameter is known and user password may be guessed, we focus on iteration counts and their ability to slow down a brute force attack as much as possible 

I can’t understand how can the usage of salt (when it is known as in this case) mitigate brute force attacks ? What am I missing ?

Password Hashing – Where does the Salt gets stored [duplicate]

This question already has an answer here:

  • How to store salt? 6 answers

I have read that it is a best practice to store Hashed passwords using Hashing algorithms which uses Salt to protect from Rainbow table attack.

My question is- if i store the hashed password in my Oracle Database table, where does the Salt gets stored?

I will require the same salt used to hash the password, so that i can re-hash the password for user verification. Is my understaning correct?

How to decrypt AES CCM with salt on Windows? [on hold]

I have an old file that contains some important information. I know the password, except I forgot how I generated it, and as a result don’t know how to decrypt it.

Here it is (decoded from it’s original base64):

{"iv":"HNpO0wJzMdTRl/2B0q4pPA==","v":1,"iter":1000,"ks":256,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"....", ct": "...."} 

I can’t figure out how to decode AES CCM. I’ve got openssl on Windows and Cygwin and neither seem to show support:

Windows:

Cipher commands (see the `enc' command for more details) aes-128-cbc       aes-128-ecb       aes-192-cbc       aes-192-ecb aes-256-cbc       aes-256-ecb       aria-128-cbc      aria-128-cfb aria-128-cfb1     aria-128-cfb8     aria-128-ctr      aria-128-ecb aria-128-ofb      aria-192-cbc      aria-192-cfb      aria-192-cfb1 aria-192-cfb8     aria-192-ctr      aria-192-ecb      aria-192-ofb aria-256-cbc      aria-256-cfb      aria-256-cfb1     aria-256-cfb8 aria-256-ctr      aria-256-ecb      aria-256-ofb      base64 bf                bf-cbc            bf-cfb            bf-ecb bf-ofb            camellia-128-cbc  camellia-128-ecb  camellia-192-cbc camellia-192-ecb  camellia-256-cbc  camellia-256-ecb  cast cast-cbc          cast5-cbc         cast5-cfb         cast5-ecb cast5-ofb         des               des-cbc           des-cfb des-ecb           des-ede           des-ede-cbc       des-ede-cfb des-ede-ofb       des-ede3          des-ede3-cbc      des-ede3-cfb des-ede3-ofb      des-ofb           des3              desx idea              idea-cbc          idea-cfb          idea-ecb idea-ofb          rc2               rc2-40-cbc        rc2-64-cbc rc2-cbc           rc2-cfb           rc2-ecb           rc2-ofb rc4               rc4-40            seed              seed-cbc seed-cfb          seed-ecb          seed-ofb          sm4-cbc sm4-cfb           sm4-ctr           sm4-ecb           sm4-ofb