I've just read many, many articles on SO about hashing passwords with salt however i just cannot locate an response to the specific query/confusion I've.
Let us say I've just carried this out way of adding your password and salt towards the DB:
- Produce a random salt
- Hash the customers password + salt together
- Keep hash output because the password in column 'password'
- Keep random salt in column 'salt'
If this sounds like correct, what goes on when an assailant will get use of my DB? Surely whether they can read exactly what the salt value is for your hashed password, they are able to exercise exactly what the hashed password is with no salt after which make use of a rainbow table? Or perhaps is it smart to secure the salt value too with something that's reversible?
When the salt value is saved in plain-text, I simply cannot see the purpose of it. Please enlighten me?
When the attacker reaches the database then all bets are off, but so far as salt ...
The purpose of a salt is not to become secret but instead to thwart rainbow attacks -- a rainbow attack is a that is carried out by a rainbow table. Along with a rainbow table is simply pre-produced hashes of untold thousands of passwords (it is a space-time tradeoff). The development of a salt invalidates these precomputed hashes: a rainbow table should be designed for each unique salt.
- Create a salt random, and
- Create a salt large
Now, when the attacker is assumed to have the database then there's one other issue: the attack speed isn't limited, which is why your password hashing plan like bcrypt or multiple-models is valuable. It may decelerate the attack-speed from 100s of millions of hashes per second (MD/SHA and buddies were made to become fast) to, say, a couple of hundred per second (on a single hardware)... Also consider an HMAC approach, that also includes a server-secret (which makes it effectively password+salt+secret).
(I'd only use a current system that already addresses each one of these issues, and much more :-)
The steps you outline are correct.
When the attacker accesses your database, he needs to perform a brute pressure search from the possible passwords as well as the random salt. If you are using a 64-bit reasonably random salt, then there will not be two records utilizing the same salt, so any rainbow table attack only works best for (for the most part) one salt value at any given time, making the rainbow table attack too costly to become useful. (You may also check to make sure that there's not one other password utilizing a given salt whenever you establish the salt for any user.)
The purpose of the salted hashed password process is to really make it computationally infeasible to precompute possible password hashes, since the random salt screws in the precomputation process.
Additionally, it implies that when the same password can be used at different sites, it will not be apparent simply by searching in the (salted hashed) password values - since the salts will change in the different sites, therefore the resulting hash value will change. (Obviously, when the password was discovered for just one site, then your attacker will attempt that password first in the next site it's still best to not make use of the same password in multiple locations. But the truth that exactly the same password is being used is hidden.)
Let us say you did not make use of a salt as well as an attacker got your hashes. All she'd have to do to is compare the hashes to some research table and find out if the hashes are for known passwords. Let us the table includes a million passwords inside it. She will very effectively check all of your hashes against millions of possible passwords.
Now let us the same attacker got your hashes, but they're salted. For every hash she would like to look at, she'll have to take the candidate password, apply the salt, compute a brand new hash, and compare it towards the hash you've saved. Now she needs to perform a lot of information and it is not as efficient. (Alternatively, she will have a research table with every possible salt inside it, but OK, then she will need a research table that's orders of magnitude bigger compared to one without salts.)
It is all about making the quantity of assets needed to hack the hashes a lot more than it's worth towards the attacker.