What does 'salt' refer to in string-to-key (s2k) specifier?
Posted
by WilliamKF
on Stack Overflow
See other posts from Stack Overflow
or by WilliamKF
Published on 2010-05-16T21:27:02Z
Indexed on
2010/05/16
21:30 UTC
Read the original article
Hit count: 304
What does 'salt' refer to in string-to-key (s2k) specifier?
It appears to be a random number generator to shake things up, but I would like to know what 'salt' stands for?
For example it is written:
3.6.1.2. Salted S2K
This includes a "salt" value in the S2K specifier -- some arbitrary
data -- that gets hashed along with the passphrase string, to help
prevent dictionary attacks.
Octet 0: 0x01
Octet 1: hash algorithm
Octets 2-9: 8-octet salt value
Salted S2K is exactly like Simple S2K, except that the input to the
hash function(s) consists of the 8 octets of salt from the S2K
specifier, followed by the passphrase.
But salt is not defined, although its meaning seems clear.
© Stack Overflow or respective owner