

When encrypting data using a key-based algorithm (Blowfish, TripleDES, AES, etc.) - you typically append the salt to the key/passphrase during encryption to increase the complexity of the key. This helps if the key is compromised and the salt isn't, and generally helps prevent weak keys being used if the salt is complex enough.

When generating a hash from data (MD5, SHA, etc.) - you typically append the salt to the plaintext itself. This prevents a simple rainbow attack using tables of pregenerated hash values for all lengths of plaintext.

In both cases the salt value may be static and commonly known by both encrypter and decrypter, or may be dynamically generated per plaintext you encrypt, in which case you need some other out-of-band means to transmit the salt values to the decrypter.

Base64 is a simple transformation only - it is NOT encryption. You will often see output from encryption algorithms in Base64 format simply because the ciphertext they output is often composed of bytes that aren't printable in simply 8-bit ASCII, so a Base64 encoding is applied to the ciphertext AFTERWARDS for ease of transmission over text-based media.

When you say "salted Base64" that means one of two things to me:

A) you append the salt value to the plaintext then Base64 encode it. This is utterly trivial to decode and provides no security whatsoever.

B) you modify the Base64 encoding algorithm in some way to incorporate your "salt".
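The contrast described above, as an added example that is not part of the original answer: reading A of "salted Base64" is reversed without any key, while a salt appended to the plaintext before hashing makes a pregenerated table of unsalted digests miss. The function names, the sample plaintext and the candidate list are constructed for illustration, and SHA-256 stands in for the "SHA" the answer mentions.

```python
import base64
import hashlib
import hmac
import os

# Constructed sample values for illustration only.
SECRET = b"correct horse"
CANDIDATES = [b"letmein", b"correct horse", b"hunter2"]

def salted_base64(plaintext: bytes, salt: bytes) -> str:
    """Reading A: append the salt to the plaintext, then Base64-encode."""
    return base64.b64encode(plaintext + salt).decode("ascii")

def decode_salted_base64(encoded: str, salt_len: int) -> bytes:
    """Reversal needs no key: decode, then drop the trailing salt bytes."""
    return base64.b64decode(encoded)[:-salt_len]

def salted_hash(plaintext: bytes, salt: bytes) -> str:
    """Salt appended to the plaintext before hashing, as the answer describes."""
    return hashlib.sha256(plaintext + salt).hexdigest()

def build_table(candidates):
    """Stand-in for a pregenerated table: unsalted digest -> plaintext."""
    return {hashlib.sha256(c).hexdigest(): c for c in candidates}

def verify(plaintext: bytes, salt: bytes, stored: str) -> bool:
    """Whoever holds the salt can recompute the digest and compare."""
    return hmac.compare_digest(salted_hash(plaintext, salt), stored)

def demo():
    salt = os.urandom(16)  # generated per plaintext, stored beside the digest
    table = build_table(CANDIDATES)
    encoded = salted_base64(SECRET, salt)
    stored = salted_hash(SECRET, salt)
    return {
        "base64_recovered": decode_salted_base64(encoded, len(salt)),
        "unsalted_in_table": table.get(hashlib.sha256(SECRET).hexdigest()),
        "salted_in_table": table.get(stored),
        "verifies_with_salt": verify(SECRET, salt, stored),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```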
