[nycphp-talk] security, sessions, and encryption
Chris Shiflett
shiflett at php.net
Tue Mar 16 12:18:25 EST 2004
--- Jim Hendricks <jim at bizcomputinginc.com> wrote:
> > This random alphanumeric string is know as the SALT, correct?
>
> Honestly, you got me there, I'm not sure what SALT is unless your
> talking the condiment. My random alphanumeric string is to be used
> as a key for encryption of other data in the system.
A salt can alter an algorithm, such as DES, to make it a bit less
predictable. In fact, using a salt allows for 4096 variations of the DES
algorithm.
What you're describing sounds like a symmetric key.
Chris
=====
Chris Shiflett - http://shiflett.org/
PHP Security - O'Reilly
Coming mid-2004
HTTP Developer's Handbook - Sams
http://httphandbook.org/
PHP Community Site
http://phpcommunity.org/
More information about the talk
mailing list