Salty now uses PBKDF2
There’s now just a single
salted_hash function that looks like this:
def Salty.salted_hash(str,salt) pbkdf2 = PBKDF2.new(:password => str, :salt => salt, :iterations => 1000) pbkdf2.hex_string end
as opposed to previously:
def Salty.hash_fn(str) sha512 = Digest::SHA2.new(512) sha512.hexdigest(str) end def Salty.salted_hash(str,salt) res = str 100.times do res = hash_fn(res+salt) end res end
Again, this is all just implementation-level stuff. You still just encrypt with
Salty.hash and check with
Salty.check (as described here).
You’ll also notice the number of iterations has been raised from 100 to 1000. I might play around with varying the number of iterations based on the string length, if that does anything for security.
I might also add support for keeping track of what method was used to encrypt a particular string, as to maintain backwards compatibility with older versions, if the encryption method changes again. Right now you should not upgrade to 0.1 from 0.0.*, or else you’ll be comparing PBKDF2 output to SHA512 output.