Last post Nov 10, 2017 07:33 AM by kelmen
Nov 10, 2017 05:21 AM|Kelmen|LINK
i adopt hashing for my new .net app security
my understanding is the hash size is depending on the hashing/crypto algorithm used.
what about the salt size? in my past projs, it's half size of the hash, i can't recall why
any recommendation to the salt size?
Nov 10, 2017 07:10 AM|Rohit Rao|LINK
There is no such recommendation that salt size should be same as Hash or half of hash. The salt is only used to differentiate the same value that going to be hashed. e.g. two accounts have same password then hash result should be different. The other place
where it is heavily used is Rainbow Table.
So, for rainbow attack, The salt size should be large enough. 128 / 256 bits is more than enough to handle the rainbow attack. Here is the great article-
Nov 10, 2017 07:33 AM|Kelmen|LINK