Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

What is Gain Of Salt

Status
Not open for further replies.
any body knows about
what is the purpose of "gain of salt" in network security
 
Click to expand...
I've never heard of that. I've heard "grain of salt", an expression unrelated directly to network security.

There is a security forum here where you might check.
 
Sorry, it is Grain of Salt and is related to Encryption

kindly give some information about it if you have any.

thanking you in advance.
 
Ok, but I've still never heard this in relation to encryption.

The general meaning of "to take something with a grain of salt" is explained here:
To take something "with a grain of salt" basically means don't put too much faith in it. Be skeptical, usually of some claim that's being made. It could be applied to security claims as well as anything else, of course.
 
thanks alot
 
salt" is used in some crypto algorithms. It is a "random" string you prefix to something to avoid to have the same cyphertext for the same clear text. Maybe an example makes it clearer. On UNIX servers they used to encrypt the password in the /etc/file. Lets imagine some crypto function that encrypts the password "mypassword" to "aC&@@uP23y". On these UNIX systems anyone could read the /etc/passwd file. Imagine I see someones encrypted password and it is exactly the same as my encrypted password (in the same file). I now know the other user has the same password as me (unlikely, but it could happen). In order to prevent this a "salt" is added (prefixed to the cleartext password) If I recall correctly, the salt originally used was the username. Instead of encrypting "mypassword" they would encrypt "usernamemypassword" and store this result in /etc/passwd. Since usernames are always different if two users would by accident have the same password, the /etc/passwd file would not reveal this...

It's not a "grain of salt", but at least "Salt" in the context of crypto...

CU
G.
 
Status
Not open for further replies.

Similar threads

CryptoTuke
  • Locked
  • Question Question
Maximum buffer size on Winsock for sending one block of data over TCP / IP
Replies
1
Views
2K
maybeimaleo
maybeimaleo
jmarkus
  • Locked
  • Question Question
Can I have a different private IP address which isn't on my router's subnet?
Replies
6
Views
1K
sbcsu
sbcsu
anoop12
  • Locked
  • Question Question
SNMP agent identification of a device as Printer
Replies
0
Views
291
anoop12
anoop12
dane775
  • Locked
  • Question Question
What should TCP do with Dup SYNs?
Replies
0
Views
265
dane775
dane775
DrB0b
  • Locked
  • Question Question
Multiple WiNG Zebra Access Points with possible issue
Replies
1
Views
991
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top