views: 151
answers: 2

Possible Duplicate: What is the optimal length for user password salt?

I tried to find the answer to this question on Stack Overflow without any success.

Let's say I store passwords using a SHA-1 hash (so it's 160 bits) and let's assume that SHA-1 is enough for my application. How long should the salt used to generate the password's hash be?

The only answer I found was that there's no point in making it longer than the hash itself (160 bits in this case), which sounds logical, but should I make it that long? E.g. Ubuntu uses an 8-byte salt with SHA-512 (I guess), so would 8 bytes be enough for SHA-1 too, or maybe it would be too much?

+1  A: 

Current standards suggest a 16-character salt: http://en.wikipedia.org/wiki/Crypt_%28Unix%29#SHA-based_scheme

Also this question has been asked before :)

Tom Gullen
Heh, it's true. I wonder however how you found it. I tried http://stackoverflow.com/search?q=password+salt+length and http://stackoverflow.com/search?q=optimal+password+salt+length and it's certainly not on the first page. Anyway, the question remains unanswered. The link to Wikipedia you provided (and is also provided in the other question) does not say anything about a 16-char-long salt. The longest salt mentioned there is the 24-bit "BSDi extended DES-based scheme".
Juliusz Gonera
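As an added example (not code from the question or from either answer), the following Python helper generates a 16-character salt from the 64-symbol alphabet the linked crypt(3) SHA-based scheme uses, checks a crypt-style string for an in-spec salt, and applies a salt to the SHA-1 hash the question describes. The crypt string `EXAMPLE_CRYPT` is constructed for illustration and its hash field is a placeholder, not a real digest.

```python
import hashlib
import hmac
import math
import re
import secrets

# crypt(3) SHA-based scheme from the linked article: "$5$" = SHA-256, "$6$" = SHA-512,
# an optional "rounds=N$", then a salt of at most 16 characters from this 64-symbol alphabet.
CRYPT_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
MAX_CRYPT_SALT = 16
_CRYPT_RE = re.compile(r"^\$(?P<id>[56])\$(?:rounds=(?P<rounds>\d+)\$)?(?P<salt>[^$]*)\$(?P<hash>[^$]+)$")

# Constructed example: the salt is 16 chars, the hash field is a placeholder, not a real digest.
EXAMPLE_CRYPT = "$6$rounds=5000$aB1.cD2/eF3gH4iJ$placeholderNotARealSha512CryptDigest"

def generate_salt(length: int = MAX_CRYPT_SALT) -> str:
    """Uniformly random salt over the crypt alphabet; each character carries log2(64) = 6 bits."""
    return "".join(secrets.choice(CRYPT_ALPHABET) for _ in range(length))

def salt_entropy_bits(salt: str, alphabet: str = CRYPT_ALPHABET) -> float:
    """Entropy of a uniformly random salt of this length: 16 crypt chars = 96 bits."""
    return len(salt) * math.log2(len(alphabet))

def parse_crypt(crypt_string: str) -> dict:
    """Split a $5$/$6$ crypt string into id, rounds, salt and hash; reject out-of-spec salts."""
    m = _CRYPT_RE.match(crypt_string)
    if m is None:
        raise ValueError("not a SHA-based crypt string")
    salt = m.group("salt")
    if not 1 <= len(salt) <= MAX_CRYPT_SALT or any(c not in CRYPT_ALPHABET for c in salt):
        raise ValueError("salt must be 1-16 characters from the crypt alphabet")
    rounds = int(m.group("rounds")) if m.group("rounds") else 5000  # glibc default round count
    return {"id": m.group("id"), "rounds": rounds, "salt": salt, "hash": m.group("hash")}

def salted_sha1(password: str, salt: str) -> str:
    """The scheme the question describes: SHA-1 over salt || password.
    The salt defeats precomputed tables; being a fast hash, it does not slow down brute force."""
    return hashlib.sha1(salt.encode() + password.encode()).hexdigest()

def make_record(password: str) -> str:
    """Stored form "salt$digest": the salt is not secret, it only needs to be unique per user."""
    salt = generate_salt()
    return f"{salt}${salted_sha1(password, salt)}"

def verify(password: str, record: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, digest = record.split("$", 1)
    return hmac.compare_digest(salted_sha1(password, salt), digest)
```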
A: 

In my opinion, the biggest worry with hashed passwords is rainbow tables. There are rainbow tables available that hold values as long as 64 characters, last I checked. Keeping this in mind, you would probably want your hashed value to be somewhere greater than that to avoid being easily "looked up" in a rainbow table. This means that the salt+password length should be greater than 64.

Joe Philllips
No, this is not right. There are *not* 2^(64*8) passwords in rainbow tables. You are misunderstanding rainbow tables.
GregS
@GregS if you think that's how rainbow tables work, then YOU are misunderstanding them. Not every password is stored. Read up on how chaining works.
Joe Philllips
Obviously I know that is not how rainbow tables work, but that is what your answer implies. The fact that there are 64 character keys in rainbow tables is irrelevant.
GregS
I see what you mean now. I shouldn't have said "keys" -- should have said values.
Joe Philllips