What does 'salt' refer to in string-to-key (s2k) specifier?

Posted by WilliamKF on Stack Overflow See other posts from Stack Overflow or by WilliamKF
Published on 2010-05-16T21:27:02Z Indexed on 2010/05/16 21:30 UTC
Read the original article Hit count: 304

Filed under:
|

What does 'salt' refer to in string-to-key (s2k) specifier?

It appears to be a random number generator to shake things up, but I would like to know what 'salt' stands for?

For example it is written:

3.6.1.2. Salted S2K

   This includes a "salt" value in the S2K specifier -- some arbitrary
   data -- that gets hashed along with the passphrase string, to help
   prevent dictionary attacks.

       Octet 0:        0x01
       Octet 1:        hash algorithm
       Octets 2-9:     8-octet salt value

   Salted S2K is exactly like Simple S2K, except that the input to the
   hash function(s) consists of the 8 octets of salt from the S2K
   specifier, followed by the passphrase.

But salt is not defined, although its meaning seems clear.

© Stack Overflow or respective owner

Related posts about s2k

Related posts about salt