How to reverse engineer Salt from password, iterations, and key?


Let's say that a random key is derived using the following function (PBKDF2).

key = fn(password, salt, iterations)

Q1: How can I reverse engineer the salt from the password, iterations, and the key?

Q2: If the same salt is used for generating the key, how can I reverse engineer the salt from the password, iterations, and the key?

Swashbuckler: Brute force (good luck with that, as the recommended minimum salt length for PBKDF2 is 16 bytes). But in the real world the salt is not a secret, so there's no need to try to find it; it's the key that's the secret.
Even with brute force, how difficult can it get?
I don't understand how the second question is different from the first. You say "same salt", but what is it the same as?
@GordonDavisson A fixed salt is used to derive the keys. However, a new password and iteration count are generated every time. So the question really is whether, or how, the salt can be reverse engineered by mining the password, iterations, and the key.
Score:3

PBKDF2 is based on HMAC using a cryptographically secure hash function. Assuming the hash function is secure, the easiest approach will be brute force. Assuming you know the password, then the difficulty is the amount of entropy in the salt. So if you picked 16 random bytes, that provides 128 bits of entropy, and you'll require more energy than is required to boil all the world's oceans. 16 or 32 random bytes are customary amounts of salt to use when no other guidelines are given, both of which will be computationally infeasible to guess.

In general, we don't consider salt to be secret. It is generally stored along with the iteration count in plaintext when storing passwords, and in cryptographic protocols like TLS and SSH, the salt is sent in plaintext as part of the cryptographic negotiation.

Thank you for answering. I have edited the post with a follow-up question. Can you please address that as well?
bk2204: Literally the same answer applies. It is no easier in this case.
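An added example, not part of any post on this page, that makes the answer's point concrete. It assumes PBKDF2-HMAC-SHA256 from Python's hashlib (the question only says "PBKDF2"), a constructed password, and a deliberately one-byte salt so that the exhaustive search actually finishes; the cost function then shows why the 16-byte salt recommended above is out of reach.

```python
import hashlib
import hmac
import math
from typing import Optional

HASH_NAME = "sha256"  # assumption: PBKDF2-HMAC-SHA256; the question only says "PBKDF2"


def derive_key(password: bytes, salt: bytes, iterations: int, dklen: int = 32) -> bytes:
    """key = fn(password, salt, iterations), the function from the question."""
    return hashlib.pbkdf2_hmac(HASH_NAME, password, salt, iterations, dklen)


def search_cost_bits(salt_len: int, iterations: int) -> float:
    """log2 of the HMAC evaluations an exhaustive salt search costs.

    Each salt guess costs one PBKDF2 run of `iterations` HMAC calls, so the
    total work is 2**(8*salt_len) * iterations. For the 16-byte salt the
    answer recommends this is ~2^147 at 600k iterations: not computable.
    """
    return 8 * salt_len + math.log2(iterations)


def recover_salt_by_search(password: bytes, iterations: int, key: bytes,
                           salt_len: int) -> Optional[bytes]:
    """Try every salt of salt_len bytes and return the one that yields `key`.

    With a secure hash this exhaustive search is the only generic approach,
    which is exactly why salt length matters. It finishes here only because
    the demo uses salt_len == 1 (256 candidates); returns None if no salt
    of that length reproduces the key.
    """
    for candidate in range(256 ** salt_len):
        salt = candidate.to_bytes(salt_len, "big")
        if hmac.compare_digest(derive_key(password, salt, iterations, len(key)), key):
            return salt
    return None


if __name__ == "__main__":
    password = b"correct horse battery staple"  # constructed sample password
    tiny_salt = b"\x2a"                         # constructed, deliberately 1 byte
    iterations = 10                             # tiny so the demo runs instantly
    key = derive_key(password, tiny_salt, iterations)
    print("1-byte salt recovered:", recover_salt_by_search(password, iterations, key, 1))
    for n in (1, 16, 32):
        print(f"{n:2d}-byte salt, 600k iterations: ~2^{search_cost_bits(n, 600_000):.1f} HMAC calls")
```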