I am having difficulty understanding how a salt which is appended to a hash helps improve the security when a database of passwords or other important information is compromised.
If the salt is, for example, “hello”, and is appended to the password “password” then the salt and password are stored together, “hellopassword” and hashed to produce:
94e66f94517d606d5ad6d9191b980408952f2ed2 (sha1)
with the salt then appended:
hello$94e66f94517d606d5ad6d9191b980408952f2ed2
How is this more secure? The attacker knows the salt so can now compute the passwords with little extra difficulty… right? Or am I fundamentally misunderstanding something?
No, not with “little extra difficulty” – with potentially significantly more difficulty.
Imagine there are two billion common passwords. It’s easy to hash all of those and store the results. Then if you have an unsalted password hash, you can just check which common passwords match the given hash.
Now compare that with a salted hash… now you have two billion common passwords, but also several billion possible salts. Computing all the possible salt/password combinations will take much, much longer – hopefully becoming infeasible.
Additionally, it means that even if two people have the same password, they are very likely to have different hashes – so carelessness of one user in revealing their password doesn’t risk the security of the other.
See the Wikipedia entry (if you haven’t already) for more on this.
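A worked illustration of the answer's argument, added here as an example and not part of the question or the answer: it builds the record in the question's own salt$sha1(salt + password) layout, shows a precomputed lookup table recovering unsalted hashes with a single hash per candidate password, and shows that against salted records no table helps, so the attacker has to redo the hashing for every record. The five-entry password list, the three sample users, the 16-byte salt length and all function names are this example's own constructions.

```python
import hashlib
import secrets
from typing import Dict, List, Optional, Tuple

# Constructed sample data for this example: a tiny "common password" list
# standing in for the two billion entries the answer talks about.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "hunter2"]

# Global counter so the attack functions can report how many hash
# computations they needed, which is the cost the answer compares.
_HASH_CALLS = [0]


def _sha1_hex(data: str) -> str:
    _HASH_CALLS[0] += 1
    return hashlib.sha1(data.encode()).hexdigest()


def unsalted_hash(password: str) -> str:
    """sha1(password): the scheme a precomputed table defeats."""
    return _sha1_hex(password)


def salted_record(salt: str, password: str) -> str:
    """The question's layout: salt$sha1(salt + password)."""
    return f"{salt}${_sha1_hex(salt + password)}"


def new_salt(nbytes: int = 16) -> str:
    """Per-user random salt (assumption for this example: 16 random bytes, hex encoded)."""
    return secrets.token_hex(nbytes)


def crack_unsalted_database(stored_hashes: List[str],
                            passwords: List[str]) -> Tuple[List[Optional[str]], int]:
    """Build the hash -> password table once, then recover every user by dict lookup.
    Returns (recovered passwords, number of hash computations spent)."""
    start = _HASH_CALLS[0]
    table: Dict[str, str] = {unsalted_hash(p): p for p in passwords}
    found = [table.get(h) for h in stored_hashes]
    return found, _HASH_CALLS[0] - start


def crack_salted_database(records: List[str],
                          passwords: List[str]) -> Tuple[List[Optional[str]], int]:
    """No reusable table: every candidate must be rehashed with each record's own salt.
    Returns (recovered passwords, number of hash computations spent)."""
    start = _HASH_CALLS[0]
    found: List[Optional[str]] = []
    for record in records:
        salt, _, _digest = record.partition("$")   # the salt is stored in the clear
        match = None
        for candidate in passwords:
            if salted_record(salt, candidate) == record:
                match = candidate
                break
        found.append(match)
    return found, _HASH_CALLS[0] - start


if __name__ == "__main__":
    # Constructed: three users who all chose the same weak password.
    users = ["alice", "bob", "carol"]
    unsalted_db = [unsalted_hash("hunter2") for _ in users]
    salted_db = [salted_record(new_salt(), "hunter2") for _ in users]

    print("question's record:", salted_record("hello", "password"))
    print("unsalted db:", unsalted_db)          # three identical hashes
    print("salted db:  ", salted_db)            # three different hashes
    print("unsalted attack:", crack_unsalted_database(unsalted_db, COMMON_PASSWORDS))
    print("salted attack:  ", crack_salted_database(salted_db, COMMON_PASSWORDS))
```

Against the unsalted database the table costs one hash per candidate password no matter how many users the database holds, and every user who picked the same password falls at once; against the salted database the cost is candidates times users, and identical passwords no longer produce identical records. SHA-1 is kept only to mirror the question; a real deployment should combine a random salt of at least 16 bytes with a deliberately slow password hash such as bcrypt, scrypt or Argon2, which is what makes the per-record rehashing the answer describes expensive enough to matter.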