Salting a public hash
Posted
by
Sathvik
on Programmers
See other posts from Programmers
or by Sathvik
Published on 2011-11-19T19:29:19Z
Indexed on
2011/11/20
2:15 UTC
Read the original article
Hit count: 264
best-practices
|hashing
Does it make any sense at all to salt a hash which might be available publicly?
It doesn't really make sense to me, but does anyone actually do that?
UPDATE - Some more info:
An acquaintance of mine has a common salted-hash function which he uses throughout his code. So I was wondering if it made any sense at-all, to do so.
Here's the function he used:
hashlib.sha256(string+SALT).hexdigest()
Update2:
Sorry if it wasn't clear. By available publicly I meant, that it is rendered in the HTML of the project (for linking, etc) & can thus be easily read by a third party.
The project is a python based web-app which involves user-created pages which are tracked using their hashes like myproject.com/hash
so thus revealing the hash publicly. So my question is, whether in any circumstances would any sane programmer salt such a hash?
Question:
Using hashlib.sha256(string+SALT).hexdigest()
vs hashlib.sha256(string).hexdigest()
, when the hash isn't a secret.
© Programmers or respective owner