Advantage of Salt Without salt -Same hash functions on all machines Compute hash of all common strings once Compare hash with all known password hashes With salt -One password hashed 212 different ways Precompute hash file? -Need much larger file to cover all common strings Dictionary attack on known password file -For each salt found in file,try all common strings CSE825 66 Advantage of Salt Without salt ─ Same hash functions on all machines ● Compute hash of all common strings once ● Compare hash with all known password hashes With salt ─ One password hashed 212 different ways ● Precompute hash file? – Need much larger file to cover all common strings ● Dictionary attack on known password file – For each salt found in file, try all common strings CSE825