I have some doubt about effectiveness of salt. Indeed it’s fake security. I’m gonna to illustrate you something.
MD5 is like a division in which we take quotient and/or remainder part and stop. For instance: 5/2=2 remainder 1
We were originating this with 5 and 5. The same result is possible also dividing 50 by 20 = 2 remainder 1
Now … what’s the meaning adding salt to password if the resulting md5 it’s just something that I can obtain in a different manner ? I would say if the hash f74g28dae85 is obtainable with 'holy-shit+password, but I can obtain it also with ‘trouble’ … it’s not necessary that I now the original salt+password ( ‘holy-shit’+password )… once I got the combination of characters that generates the same hash, I’m ready.
What does it mean ?
It means that weak points of md5 sha1, 2 etc are:
- fixed length
- manner in which they are generated: they are not univoque
- fixed charset
from the other side, something univoque is easily decryptable too.
In few words: if you generate a simple database containing each combination of hash’s characters and for each one at least ONE word that generates it, you cracked all the md5 world.
md5 returns a string of 32 characters. They are alphanumeric but the set is: 0123456789abcdef it’s hexadecimal.
so you have to generate a db that contains a finite number of md5 and it’s related generating word.
How many do they are ? being 32 fixed characters in which each one has 16 possible variations, the number is huge but not so much and it’s finite:
16 rise 32 power what a number.
it means that you have to find: 1,0633823966279326983230456482243e+37 words
but each letter is 1 byte ( 8 bit ) so each word is 256 bytes long
it will require an amount of bytes: 8,7112285931760246646623899502533e+40
it means: 75557863725914323419136 Enna Bytes !!! ( 1 Enna byte = 1024 Peta Bytes … 1 byte = 8 bit and 1 kBytes = 1 024 bits )
Are you capable to do this ?
Are you talking again about weak points of md5 and the necessity to insert salt ?
I really can tell you that if you obtain this huge database, you can put the salt into the toilet because it’s useless.
But even with rainbow tables that actually are on line you can put it on toilet, because it’s just PROBABILITY, to find a combination of characters that gives the same result of your password + salt.
What is the probability ? it’s of course in the worst case 1/3,4028236692093846346337460743177e+38 and normalizing this you obtain 2,9387358770557187699218413430556e-37%
Of course, you can be lucky at the second tentative to get one. ore more in 20 tentatives. The frequency of this is totally unknown and it’s unknown the probability to find immediately 10 words that generates the same hash of other 10 … statistically is equally distributed … in the reality depends from your ass-factor