- Teks
- Sejarah
The Use of Hashed PasswordsA widely
The Use of Hashed Passwords
A widely used password security technique is the use of hashed passwords and a salt
value. This scheme is found on virtually all UNIX variants as well as on a number
of other operating systems. The following procedure is employed ( Figure 3.1a ). To
load a new password into the system, the user selects or is assigned a password. This
password is combined with a fixed-length salt value [MORR79]. In older implementations,
this value is related to the time at which the password is assigned to the user.
Newer implementations use a pseudorandom or random number. The password
and salt serve as inputs to a hashing algorithm to produce a fixed-length hash code.
The hash algorithm is designed to be slow to execute to thwart attacks. The hashed
password is then stored, together with a plaintext copy of the salt, in the password
file for the corresponding user ID. The hashed-password method has been shown to
be secure against a variety of cryptanalytic attacks [WAGN00].
When a user attempts to log on to a UNIX system, the user provides an ID
and a password (Figure 3.1b). The operating system uses the ID to index into the
password file and retrieve the plaintext salt and the encrypted password. The salt
and user-supplied password are used as input to the encryption routine. If the result
matches the stored value, the password is accepted.
The salt serves three purposes:
• It prevents duplicate passwords from being visible in the password file. Even if
two users choose the same password, those passwords will be assigned different
salt values. Hence, the hashed passwords of the two users will differ.
• It greatly increases the difficulty of offline dictionary attacks. For a salt of
length b bits, the number of possible passwords is increased by a factor of 2b,
increasing the difficulty of guessing a password in a dictionary attack.
• It becomes nearly impossible to find out whether a person with passwords on
two or more systems has used the same password on all of them.
A widely used password security technique is the use of hashed passwords and a salt
value. This scheme is found on virtually all UNIX variants as well as on a number
of other operating systems. The following procedure is employed ( Figure 3.1a ). To
load a new password into the system, the user selects or is assigned a password. This
password is combined with a fixed-length salt value [MORR79]. In older implementations,
this value is related to the time at which the password is assigned to the user.
Newer implementations use a pseudorandom or random number. The password
and salt serve as inputs to a hashing algorithm to produce a fixed-length hash code.
The hash algorithm is designed to be slow to execute to thwart attacks. The hashed
password is then stored, together with a plaintext copy of the salt, in the password
file for the corresponding user ID. The hashed-password method has been shown to
be secure against a variety of cryptanalytic attacks [WAGN00].
When a user attempts to log on to a UNIX system, the user provides an ID
and a password (Figure 3.1b). The operating system uses the ID to index into the
password file and retrieve the plaintext salt and the encrypted password. The salt
and user-supplied password are used as input to the encryption routine. If the result
matches the stored value, the password is accepted.
The salt serves three purposes:
• It prevents duplicate passwords from being visible in the password file. Even if
two users choose the same password, those passwords will be assigned different
salt values. Hence, the hashed passwords of the two users will differ.
• It greatly increases the difficulty of offline dictionary attacks. For a salt of
length b bits, the number of possible passwords is increased by a factor of 2b,
increasing the difficulty of guessing a password in a dictionary attack.
• It becomes nearly impossible to find out whether a person with passwords on
two or more systems has used the same password on all of them.
0/5000
The Use of Hashed PasswordsA widely used password security technique is the use of hashed passwords and a saltvalue. This scheme is found on virtually all UNIX variants as well as on a numberof other operating systems. The following procedure is employed ( Figure 3.1a ). Toload a new password into the system, the user selects or is assigned a password. Thispassword is combined with a fixed-length salt value [MORR79]. In older implementations,this value is related to the time at which the password is assigned to the user.Newer implementations use a pseudorandom or random number. The passwordand salt serve as inputs to a hashing algorithm to produce a fixed-length hash code.The hash algorithm is designed to be slow to execute to thwart attacks. The hashedpassword is then stored, together with a plaintext copy of the salt, in the passwordfile for the corresponding user ID. The hashed-password method has been shown tobe secure against a variety of cryptanalytic attacks [WAGN00].When a user attempts to log on to a UNIX system, the user provides an IDand a password (Figure 3.1b). The operating system uses the ID to index into thepassword file and retrieve the plaintext salt and the encrypted password. The saltand user-supplied password are used as input to the encryption routine. If the resultmatches the stored value, the password is accepted.The salt serves three purposes:• It prevents duplicate passwords from being visible in the password file. Even iftwo users choose the same password, those passwords will be assigned differentsalt values. Hence, the hashed passwords of the two users will differ.• It greatly increases the difficulty of offline dictionary attacks. For a salt oflength b bits, the number of possible passwords is increased by a factor of 2b,increasing the difficulty of guessing a password in a dictionary attack.• It becomes nearly impossible to find out whether a person with passwords ontwo or more systems has used the same password on all of them.
Sedang diterjemahkan, harap tunggu..
The Use of Hashed Passwords
A widely used password security technique is the use of hashed passwords and a salt
value. This scheme is found on virtually all UNIX variants as well as on a number
of other operating systems. The following procedure is employed ( Figure 3.1a ). To
load a new password into the system, the user selects or is assigned a password. This
password is combined with a fixed-length salt value [MORR79]. In older implementations,
this value is related to the time at which the password is assigned to the user.
Newer implementations use a pseudorandom or random number. The password
and salt serve as inputs to a hashing algorithm to produce a fixed-length hash code.
The hash algorithm is designed to be slow to execute to thwart attacks. The hashed
password is then stored, together with a plaintext copy of the salt, in the password
file for the corresponding user ID. The hashed-password method has been shown to
be secure against a variety of cryptanalytic attacks [WAGN00].
When a user attempts to log on to a UNIX system, the user provides an ID
and a password (Figure 3.1b). The operating system uses the ID to index into the
password file and retrieve the plaintext salt and the encrypted password. The salt
and user-supplied password are used as input to the encryption routine. If the result
matches the stored value, the password is accepted.
The salt serves three purposes:
• It prevents duplicate passwords from being visible in the password file. Even if
two users choose the same password, those passwords will be assigned different
salt values. Hence, the hashed passwords of the two users will differ.
• It greatly increases the difficulty of offline dictionary attacks. For a salt of
length b bits, the number of possible passwords is increased by a factor of 2b,
increasing the difficulty of guessing a password in a dictionary attack.
• It becomes nearly impossible to find out whether a person with passwords on
two or more systems has used the same password on all of them.
A widely used password security technique is the use of hashed passwords and a salt
value. This scheme is found on virtually all UNIX variants as well as on a number
of other operating systems. The following procedure is employed ( Figure 3.1a ). To
load a new password into the system, the user selects or is assigned a password. This
password is combined with a fixed-length salt value [MORR79]. In older implementations,
this value is related to the time at which the password is assigned to the user.
Newer implementations use a pseudorandom or random number. The password
and salt serve as inputs to a hashing algorithm to produce a fixed-length hash code.
The hash algorithm is designed to be slow to execute to thwart attacks. The hashed
password is then stored, together with a plaintext copy of the salt, in the password
file for the corresponding user ID. The hashed-password method has been shown to
be secure against a variety of cryptanalytic attacks [WAGN00].
When a user attempts to log on to a UNIX system, the user provides an ID
and a password (Figure 3.1b). The operating system uses the ID to index into the
password file and retrieve the plaintext salt and the encrypted password. The salt
and user-supplied password are used as input to the encryption routine. If the result
matches the stored value, the password is accepted.
The salt serves three purposes:
• It prevents duplicate passwords from being visible in the password file. Even if
two users choose the same password, those passwords will be assigned different
salt values. Hence, the hashed passwords of the two users will differ.
• It greatly increases the difficulty of offline dictionary attacks. For a salt of
length b bits, the number of possible passwords is increased by a factor of 2b,
increasing the difficulty of guessing a password in a dictionary attack.
• It becomes nearly impossible to find out whether a person with passwords on
two or more systems has used the same password on all of them.
Sedang diterjemahkan, harap tunggu..
Bahasa lainnya
Dukungan alat penerjemahan: Afrikans, Albania, Amhara, Arab, Armenia, Azerbaijan, Bahasa Indonesia, Basque, Belanda, Belarussia, Bengali, Bosnia, Bulgaria, Burma, Cebuano, Ceko, Chichewa, China, Cina Tradisional, Denmark, Deteksi bahasa, Esperanto, Estonia, Farsi, Finlandia, Frisia, Gaelig, Gaelik Skotlandia, Galisia, Georgia, Gujarati, Hausa, Hawaii, Hindi, Hmong, Ibrani, Igbo, Inggris, Islan, Italia, Jawa, Jepang, Jerman, Kannada, Katala, Kazak, Khmer, Kinyarwanda, Kirghiz, Klingon, Korea, Korsika, Kreol Haiti, Kroat, Kurdi, Laos, Latin, Latvia, Lituania, Luksemburg, Magyar, Makedonia, Malagasi, Malayalam, Malta, Maori, Marathi, Melayu, Mongol, Nepal, Norsk, Odia (Oriya), Pashto, Polandia, Portugis, Prancis, Punjabi, Rumania, Rusia, Samoa, Serb, Sesotho, Shona, Sindhi, Sinhala, Slovakia, Slovenia, Somali, Spanyol, Sunda, Swahili, Swensk, Tagalog, Tajik, Tamil, Tatar, Telugu, Thai, Turki, Turkmen, Ukraina, Urdu, Uyghur, Uzbek, Vietnam, Wales, Xhosa, Yiddi, Yoruba, Yunani, Zulu, Bahasa terjemahan.
- 91.1 Computer Security ConceptsA Definit
- Gutten Morgen My Mooad boster
- READER’S AND INSTRUCTOR’SGUIDE
- Waktunya kerja
- Gutten Morgen My Mooad boster
- READER’S AND INSTRUCTOR’SGUIDE
- Selamat pagi sayang selamat menjalankan
- Proud
- Mengapa perasaan ini ingin bersama mu
- COMPUTER SECURITY CONCEPTS
- sure my neymar angry because last night
- • Confidentiality: This term covers two
- Pasti
- • Confidentiality: This term covers two
- Pesan
- OVERVIEW
- Semoga allah selalu melindungi kamu dan
- 1.1 Computer Security ConceptsA Definiti
- GuttenMorgenMyMooadboster
- LEARNING OBJECTIVESAfter studying this c
- Definitely my neymar angry because last
- quand on parle de (sa) famille aujourd'h
- GuttenMorgenMyMooadboster
- This chapter provides an overview of com
