Home/ Questions/Q 6237009
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T10:57:01+00:00

I searched all over the Net, including here on SO: There is a lot

  • 0

I searched all over the Net, including here on SO: There is a lot of discussion on the need to salt passwords before hashing and storing them.

In case the password is used to compute a key used for encryption (“Password Based Encryption”): what if you do not store the password at al?

Suppose:

For encryption

  1. the users enters a master password
  2. this is SHA256 hashed and the output is used to AES256 encrypt a file
  3. the hash is not stored (and obviously neither is the master password)

For decryption

  1. The users enters the master password
  2. This is SHA256 hashed and the output is used to decrypt the file
  3. If the decryption was successful, the password was – apparently – correct

My question:

When not storing anything except the encrypted file itself, is there any benefit in salting the master password before hashing it?

Considerations:

  • it would probably reduce the likelihood of a hash-collision
  • it would require the salt to be stored.

  • if the salt were lost/corrupted the user would not be able to decrypt the file anymore

  • how to check for successful decryption in step3: does this require part of the file contents to be known?

  • if so, how much of a faux-pas is storing a known value in an encrypted file (this cannot always be prevented – an attacker might guess that for example the users last name is encrypted somewhere in the file – an be correct).
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If you are not storing the master password then there is no need to salt it. If you are reusing the master password to generate a lot of single-use passwords then it will need to be stored encrypted and decrypted as required.

    Salting is for long term storing of user passwords that have to be matched more than once so that people with the same password don’t have the same hash, which would help an attacker who stole the file.

    Salt is for hashing in long term storage, an IV is for encryption using CBC mode (or CTR mode where it can also be called a nonce).

    As to checking that your file has decrypted correctly, just ensure that you use a padding like PKCS7. When the last block is decrypted the padding will be checked to ensure it is in the right format. If the decryption failed then the padding will not be correctly formatted and you should get a “Padding failed” error.

    • 0