tex: update rainbow tables sec

2023-05-25 13:11:03 +02:00 · 2023-05-25 13:11:03 +02:00 · 52ce04f4a2
commit 52ce04f4a2
parent f350b0d555
2 changed files with 7 additions and 5 deletions
--- a/tex/abbreviations.tex
+++ b/tex/abbreviations.tex
@ -7,6 +7,7 @@
 \begin{tabular}{ll}
 SHA & Secure Hash Algorithm \\
 AES & Advanced Encryption Standard \\
 CSPRNG & Cryptographically Secure Pseudo-Random Number Generator \\
 ID & Identity \\
 PID & Process ID \\
--- a/tex/text.tex
+++ b/tex/text.tex
@ -140,11 +140,12 @@ message: the password.
 One of the popular counter-measures to pre-computed tables is adding a
 \emph{salt} to the user-provided password before passing it to the KDF (Key
 Derivation Function) or the hash function. Of course, the salt should be random
-per-user and not reused, as that would mean two users with the same password
+\textbf{per-user} and not reused, as that would mean that two users with the
-would still end up with the same hash, and the salt should also be adequately
+same password would still end up with the same hash, and the salt should also
-long to be effective. As the salt is supposed to be random, it would be a good
+be adequately long to be effective. As the salt is supposed to be
-idea to use an actual CSPRNG (Cryptographically Secure Pseudo-Random Number
+\emph{random}, it would be a good idea to use an actual CSPRNG, such as
-Generator), such as \textbf{Fortuna}~\cite{fortuna} as a source.
+\textbf{Fortuna}~\cite{fortuna} as a source of entropy (randomness). In
 FreeBSD, Fortuna is in fact the one serving \texttt{/dev/random}.
 \n{3}{TLS}\label{sec:tls}