Why is a password salt called a “salt”? [closed]
https://stackoverflow.com/questions/244903
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Is there a significance to the word "salt" for a password salt?
Solution
http://www.derkeiler.com/Newsgroups/comp.security.misc/2003-05/0154.html
The use of the word "salt" is probably a reference to warfare in ancient times, when people would salt the wells or farmland to make it less hospitable. The Romans are sometimes supposed to have done this to Carthage in 146 BC. In the context of passwords, a "salted" password is harder to crack.
Apparently, there's no strong evidence even for the original "salting" of Carthage (http://en.wikipedia.org/wiki/Salting_the_earth) claim, but an interesting hypothesis nonetheless.
OTHER TIPS
Maybe because salt goes well with hash?
The only meaning is that you are adding something to your password before you hash it, similarly to adding salt to your meal :-)
According to Ken Thompson, one of the first people to use the term in a book, it's related to the term "salting a mine", referring to gold mines. Whether that is "correct" or not who knows? I doubt there's an actual correct answer to this, it's just one of those terms that doesn't really have to have a reason as long as what it means is understood.
I would guess because it's easy to add "salt" (NaCl or a fixed string). But once you do, the output is irrevocably changed (food, encrypted password).
I had thought it related to the verb salt ...
(salt away) informal put by (money) secretly.
Because before you hash the password, you add a random text to it. So, it looks like as if you add some "salt" to the original "food" ... password :)
Once you add salt to food the real taste is no longer visible. So basically this is a figurative saying; add a little salt and it changes the original dish.
