<<< Date Index >>>     <<< Thread Index >>>

Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords



Circa 2005-04-21 dixit Mike Fratto:

:  
: > I thought the idea of the salt was to aid in expanding the 
: > keyspace. Even though the salt is known (in traditional Unix 
: > passwd/shadow/master.passwd databases, 
: 
: I am pretty sure the intent the salt is to make pre-computation of a
: dictionaries infeasable due to storage requirements. It doesn't really add
: to the keyspace because the salt is known and doesn't have to be guessed.

... which is exactly what i was speaking of.  The salt increases the
keyspace for the precomputed table of password hashes.  The conversation
was not about brute force attacks....

-- 
jim knoble  |  jmknoble@xxxxxxxxx  |  http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 809F:09B9:9686:D035:4AB0::9455:124B:0A62:DD6A:76D6)
 .....................................................................
 :"The methods now being used to merchandise the political candidate :
 : as though he were a deodorant positively guarantee the electorate :
 : against ever hearing the truth about anything."   --Aldous Huxley :
 :...................................................................: