Title | CFS 155- Salts, Nonces, Initialization Vector |
---|---|
Author | Zachary Evans |
Course | Network Security |
Institution | Lehigh Carbon Community College |
Critical Thinking 4-1: Algorithm Input Values...
Zach Evans
Prof. Sue Miner
CFS 155 Network Security

Salts
Salt is random data that helps protect against dictionary and other precomputation attacks. Generally, salt is used in password-based systems and is concatenated or linked to the front of a password before processing. Password systems often use a one-way hash function to turn a password into an “authenticator.” The use of salt means that the attacker would have to produce a totally separate dictionary for every possible salt value. If the salt is big enough, it essentially makes dictionary attacks infeasible. However, unless a stronger protocol is used, the attacker can generally still try to guess every password.

Nonces
Nonces are bits of data often input to cryptographic protocols and algorithms, including many message authentication codes and some encryption modes. Such values should only be used a single time with any particular cryptographic key. If the nonce is very large compared to the number of times you expect to use it, it is sufficient to choose nonces using a cryptographically strong pseudo-random number generator. Randomness in a nonce helps protect against classes of attacks that amortize work across multiple keys in the same system.

Initialization Vectors (IVs)
An IV is a nonce with an additional requirement: it must be selected in an unpredictable way. That is, the IV can’t be sequential; it must be random. One popular example in which a real IV is required for maximizing security is the CBC encryption mode. The big downside to an IV, as compared to a nonce, is that an IV does not afford protection against capture-replay attacks—unless you’re willing to remember every IV that has ever been used, which is not a good solution. To ensure protection against such attacks when using an IV, the higher-level protocol must have its own notion of sequence numbers that get checked in order.

Source https://www.oreilly.com/library/view/secure-programming-cookbook/0596003943/ch04s09.html...
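
The sequence-number check described in the IV section, as an added example that is not part of the original paper or its source: each frame carries a counter, a random IV and the ciphertext, all covered by an HMAC, and the receiver remembers only the next expected counter instead of every IV. The frame layout and the names seal, Receiver and demo are assumptions made for illustration, and the CBC encryption step itself is left out (the ciphertext is treated as opaque bytes).

```python
import hashlib
import hmac
import secrets
import struct

TAG_LEN = 32  # HMAC-SHA256 output size
IV_LEN = 16   # block size of a 128-bit cipher used in CBC mode


def seal(mac_key: bytes, seq: int, ciphertext: bytes) -> bytes:
    """Build seq || random IV || ciphertext || HMAC(seq || IV || ciphertext)."""
    iv = secrets.token_bytes(IV_LEN)  # unpredictable, drawn from the OS CSPRNG
    body = struct.pack(">Q", seq) + iv + ciphertext
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


class Receiver:
    """Accepts each authenticated frame once, in order (hypothetical helper)."""
    def __init__(self, mac_key: bytes):
        self.mac_key = mac_key
        self.next_seq = 0  # the only replay state kept, however many IVs are seen

    def accept(self, frame: bytes) -> bytes:
        if len(frame) < 8 + IV_LEN + TAG_LEN:
            raise ValueError("frame too short")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.mac_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("bad MAC")  # tampered, or sealed under another key
        (seq,) = struct.unpack(">Q", body[:8])
        if seq != self.next_seq:
            raise ValueError("replayed or out-of-order frame")
        self.next_seq += 1
        return body[8 + IV_LEN:]  # ciphertext; its IV is body[8:8 + IV_LEN]


def demo() -> list:
    key = secrets.token_bytes(32)
    rx = Receiver(key)
    first, second = seal(key, 0, b"constructed A"), seal(key, 1, b"constructed B")
    results = [rx.accept(first), rx.accept(second)]
    try:
        rx.accept(first)  # captured frame sent again: valid MAC, stale counter
    except ValueError as exc:
        results.append(str(exc))
    return results


print(demo())
```

The replayed frame still has a valid MAC and a never-reused IV, so only the counter check rejects it.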