Verification of hashed password does not need salt?

This is a generic question about storing hashed password with salt in a database.

I'm implementing https://docs.rs/rust-argon2/0.5.1/argon2/

If you would open the web page above and see this line:
let matches = argon2::verify_encoded(&hash, password).unwrap();

You'll see that the logic takes the hash (supposed retrieved from the database) with the password (supposed which the user entered on a web page) and it can produce the verify result. It doesn't even need to use the salt.

Therefore, the salt is used only upon producing the hashed password, and not during verification. Is my understanding correct?

That's correct. The salt is included in the hash that is stored in the database, so you don't need to store or retrieve it separately.

Thanks for your reply!

I'm kind of puzzled. How does it work then? How does it take a plain password and compare it against a hashed string? Any external doc to read up?

An example encoded hash looks like $argon2i$v=19$m=4096,t=3,p=1$c29tZXNhbHQ$iWh06vD8Fy27wf9npn6FXWiCX4K6pW6Ue1Bnzz07Z8A. You can see that all of the configuration bits are included, including c29tZXNhbHQ which I'm guessing is the salt.

1 Like

That's correct - the encoded hash is in PHC format. When decoding a hash in this format, the argon implementation is given all the information it needs to run (it should use Argon2i, memory size 4096, salt c29tZXNhbHQ, raw hash data iWh06..., etc.

e: So to be more clear, argon absolutely needs the salt - it's just provided in the same string as the hash.

2 Likes