Qual è l'etimologia di "Salt" in relazione alla memorizzazione delle password?

4

Domanda semplice:

Quando si parla di aggiungere una stringa casuale a una password prima dell'hashing per difendersi dagli attacchi del dizionario, la chiamiamo salt. Perché lo chiamiamo salato?

    
posta Sidney 09.09.2015 - 22:51
fonte

2 risposte

6

Se vuoi parlare di sale e mantenere le cose semplici, pensa a una pizza:

Perchénonpuoiaspettartiunarispostamiglioredapersoneserieeintelligenti:

Doesanybodyknowthesalt'setymologyinthiscontext?Rob.desbois14:45,5June2006(UTC)

Nope.ButIexpectit'sconnectedtotheconceptofsaltingasitewithsomething,asinminingfraud.IgotcuriousaboutthislongagoandseemtoremembertheOEDhasanentryofsomeantiquity.ww18:53,5June2006(UTC)

Iwouldguesssaltingtheearthisthemostlikelysource.Theactualdatais"spoiled" to make it more difficult for an adversary to use. JRM · Talk 12:17, 1 July 2006 (UTC)

Ah, nice suggestions you guys have. Here's the way I usually think of it: Salt is our most common spice. So I tend to think of it as the salt "spices up" the password/key. Of course, then perhaps it should be called "pepper" instead. But also, salt is a well known flavour enhancer. That is, adding some salt to food makes the other tastes in the food stronger. (I don't know why it works like that, but it is a well known fact). And the salt in cryptography does make the password/key stronger. So I think "salt" is an excellent word for it in many ways. And it is a short word, easy to spell and pronounce, easy to translate to all other languages and doesn't change cultural meaning when translated. It's perfect! --David Göthberg 11:58, 25 October 2006 (UTC)

Hmmm... I suspect we have here some folk etymology which is nearly always plausible -- else it wouldn't have been proposed and paased around -- but is often off the actual mark. The first point I'd make is that, to my sense of the language, salt isn't a spice. Spices are exotic (or were exotic once), tend to be plant products (shredded tree bark, for instance), are used in quite small quantities, and are entirely optional, nuitritionally. Salt doesn't meet any of those tests, but perhaps my sense of 'spice' is at variance with that of other English speakers. I can burn water without half trying, after all. I wonder if there is a similar distinction in other languages; there appears not to be one such in Swedish (Davidgothberg's native tongue if I understand correctly).

My personal, completely unsubstantiated guess is that it comes from the phrase "take it with a grain of salt". Tomfelker 23:22, 22 October 2007 (UTC)

But I like the etymology/analogy whether folk or not. ww 14:06, 25 October 2006 (UTC)

I've always presumed that the origin of "salt" is as a sort of back-analogy with the fact that you seed a PRNG=Pseudorandom number generator. The bit of gibberish that you feed to PRNG is a seed because it's the start of things and what it is determines everything that then happens (what plant grows out of that pot depends on whether the seed is a geranium seed or a sunflower seed.) So you try to generate a bit of unpredictable gibberish as a seed. However, when you generate a similar value, but if it is input not to a PRNG, but to a hashing algorithm, you're not actually using as a seed to anything. So, salt is a nicely similar-sounding word (phonologically: each starts with an 's', has a double-mora syllabic nucleus, and ends in a consonant that differs from the other only in voicedness, otherwise just being alveolar stops)— and it has a sort of sense of "aptness" that invites folk etymologies like we see here. Compare: "spice" in "Hasty Pudding cipher: Encryption_and_decryption". --Sburke (talk) 12:11, 17 March 2013 (UTC)

( Talk: Salt (Cryptography) )

    
risposta data 09.09.2015 - 23:38
fonte
-3

Il sale va sempre bene con Hash:)

In tutta onestà non penso che qualcuno abbia confermato il motivo per cui usiamo il termine "sale", ma se fai una rapida ricerca su google puoi vedere cosa hanno teorizzato gli altri.

    
risposta data 09.09.2015 - 23:07
fonte

Leggi altre domande sui tag