Why should I use a salt value in storing security keys (such as passwords/passphrases)?

John Mitchell

Adding a large enough salt makes precomputed dictionary attacks infeasible (i.e., as hard as a brute force attack). Basically, for any given input, adding a salt value increases the number of potential outputs that must be precomputed for the attack to work. I.e., salting increases the space costs rather than the computation time costs for attacking a single key.

Critically, you want to use a different salt value for each of your keys so that an attacker is again forced to recompute everything from scratch rather than having to just compute the dictionary once and then try that against all of your keys. I.e., separate salting increases the time and space costs in attacking multiple keys.

For more on password security (where salting is most commonly used) check out: Password Security: A Case History.

For an example of a precomputed-dictionary-based cracker for traditional Unix passwords, check out: qcrack.
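As an added illustration (not part of the answer above or of qcrack), the following Python sketch stores passwords with PBKDF2-HMAC-SHA256 and shows why a precomputed table built for one salt only pays off when that salt is shared; the user names, word list and iteration count are constructed for the demo.

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional, Tuple

# Constructed demo parameters (assumption): PBKDF2-HMAC-SHA256 with a 16-byte random salt.
# The iteration count is kept low so the demo runs quickly; real deployments use far more.
ITERATIONS = 2_000
SALT_BYTES = 16


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). A fresh random salt is drawn unless one is supplied."""
    if salt is None:
        salt = secrets.token_bytes(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)


def build_table(wordlist: List[str], salt: bytes) -> Dict[bytes, str]:
    """The precomputed dictionary the answer refers to: one entry per word, for one salt."""
    return {hash_password(word, salt)[1]: word for word in wordlist}


def table_reuse(users: Dict[str, str], wordlist: List[str], per_user_salt: bool) -> int:
    """Store every user's password, then count how many stored digests a single table
    (built for the first user's salt) recovers. With one shared salt the table reaches
    every dictionary password at once; with per-user salts it reaches one account only."""
    shared = secrets.token_bytes(SALT_BYTES)
    store = {u: hash_password(p, None if per_user_salt else shared) for u, p in users.items()}
    first_salt = next(iter(store.values()))[0]
    table = build_table(wordlist, first_salt)
    return sum(1 for _salt, digest in store.values() if digest in table)
```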