Salt (Cryptography)

What is Cryptographic Salt?

Cryptographic salt is random data added to passwords or other sensitive information before hashing. This technique enhances security by ensuring that identical passwords produce different hash values, preventing attackers from using precomputed tables (rainbow tables) to crack passwords.

How Salt Works

1. Generate Random Salt: Create a unique, random string for each password
2. Combine with Password: Append or prepend the salt to the password
3. Hash the Combination: Apply a cryptographic hash function to the salted password
4. Store Both: Save both the hash and the salt in the database

Salt Characteristics

• Unique: Each password should have a different salt
• Random: Generated using cryptographically secure random number generators
• Sufficient Length: Typically 16 bytes (128 bits) or more
• Stored with Hash: The salt must be stored alongside the hash for verification

Salt Implementation Example

Node.js Example

const crypto = require('crypto');

// Generate a random salt
function generateSalt(length = 16) {
  return crypto.randomBytes(length).toString('hex');
}

// Hash password with salt
function hashPassword(password, salt) {
  return crypto.pbkdf2Sync(password, salt, 100000, 64, 'sha512').toString('hex');
}

// Usage
const password = 'user_password123';
const salt = generateSalt();
const hashedPassword = hashPassword(password, salt);

console.log(`Salt: ${salt}`);
console.log(`Hashed Password: ${hashedPassword}`);

Python Example

import os
import hashlib

def generate_salt(length=16):
    return os.urandom(length).hex()

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac('sha256', password.encode(), salt.encode(), 100000).hex()

# Usage
password = "user_password123"
salt = generate_salt()
hashed_password = hash_password(password, salt)

print(f"Salt: {salt}")
print(f"Hashed Password: {hashed_password}")

Why Use Salt?

Security Benefits

• Prevents Rainbow Table Attacks: Makes precomputed hash tables ineffective
• Unique Hashes: Ensures identical passwords have different hashes
• Enhances Password Security: Adds an additional layer of protection
• Complements Hashing Algorithms: Works with bcrypt, Argon2, PBKDF2, etc.

Without Salt vs With Salt

Salt Best Practices

1. Use Cryptographically Secure Random Generators: Never use predictable values
2. Generate Unique Salts: Each password should have its own salt
3. Use Sufficient Length: Minimum 16 bytes (128 bits) recommended
4. Store Salt with Hash: Required for password verification
5. Combine with Strong Hashing: Use with algorithms like bcrypt, Argon2, or PBKDF2
6. Don't Reuse Salts: Generate new salt for each password change
7. Follow NIST Guidelines: Comply with current security standards

Salt in Common Hashing Algorithms

bcrypt

• Automatically generates and stores salt
• Format: $2b$[cost]$[22-character salt][31-character hash]
• Example: $2b$10$N9qo8uLOickgx2ZMRZoMy...

Argon2

• Supports salt as a parameter
• Winner of the Password Hashing Competition
• Highly resistant to GPU and side-channel attacks

PBKDF2

• Requires explicit salt parameter
• Configurable iteration count
• Widely supported across platforms

scrypt

• Uses salt and is memory-hard
• Designed to resist hardware-based attacks
• Used in cryptocurrencies and password storage

Salt vs Pepper

Common Salt Mistakes

1. Using Predictable Salts: Like usernames or email addresses
2. Reusing Salts: Same salt for multiple passwords
3. Insufficient Length: Too short salts are easier to brute force
4. Not Storing Salt: Makes password verification impossible
5. Using Weak Random Generators: Like Math.random() in JavaScript
6. Hardcoding Salts: Should never be hardcoded in source code
7. Using Static Salts: Same salt for all users

Further Reading

• OWASP Password Storage Cheat Sheet
• NIST Digital Identity Guidelines
• Cryptographic Right Answers
• Password Hashing Competition
• bcrypt Paper