Ver:
· Nonce
· http://en.wikipedia.org/wiki/Salt_%28cryptography%29
dato
aleatorio que se combina con una clave para que el resultado de una función
criptográfica quede razonablemente disperso y protegido frente a ataques de
diccionario.
A non-secret
value that is used in a cryptographic process, usually to ensure that the
results of computations for one instance cannot be reused by an Attacker. [NIST-SP800-63:2013]
A non-secret
value that is used in a cryptographic process, usually to ensure that the
results of computations for one instance cannot be reused by an attacker. [CNSSI_4009:2010]
random data item
produced by the signing entity during the generation of the message
representative in Signature scheme 2. [ISO-9796-2:2002]
Random string
that is concatenated with other data prior to being operated on by a hash
function. See also Hash.
https://www.pcisecuritystandards.org/security_standards/glossary.php
A salt consists
of random bits used as one of the inputs to a key derivation function.
Sometimes the IV, a previously generated (preferably random) value, is used as
a salt. The other input is usually a password or passphrase. The output of the
key derivation function is often stored as the encrypted version of the
password. It can also be used as a key for use in a cipher or other
cryptographic algorithm. A salt value is typically used in a hash function.
The salt value
may or may not be protected as a secret. In either case the additional salt
data makes it more difficult to conduct a dictionary attack using
pre-encryption of dictionary entries, as each bit of salt used doubles the
amount of storage and computation required.
In some
protocols, the salt is transmitted in the clear with the encrypted data,
sometimes along with the number of iterations used in generating the key (for
key strengthening). Cryptographic protocols that use salts include SSL and
Ciphersaber.
Early Unix
systems used a 12-bit salt, but modern implementations use more.
http://en.wikipedia.org/wiki/Salt_%28cryptography%29
Chaîne de données
aléatoires qui est concaténée avec des données de source avant quune fonction
de hachage unilatérale ne soit appliquée. Les variables dentrée peuvent
réduire lefficacité des attaques de tableaux arc-en-ciel. Voir aussi hachage
et tableaux arc-en-ciel.
http://fr.pcisecuritystandards.org/
Temas relacionados