Security Encyclopedia

Salted Secure HASH Algorithm

Commonly referred to as SCRAM, this is a protocol used to support password-based authentication. It is a revision of the earlier CRAM protocol. Mutual authentication is established between the client and server through sharing a salt generated on the server and an iteration count (ic). The protocol is commonly used in XMPP, IMAP and SMTP.

SCRAM secures password hashes against dictionary attacks by adding a layer of randomness through salting. The objective of salting is to protect hashed passwords against brute-force attacks as well as rainbow tables.
Since salts do not need to be remembered by users, they can be long enough to make a rainbow table prohibitively large for an attacker. Since the salt is distinct for every password, salted hashes offer a much higher level of security for passwords.
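As an added example (not part of this encyclopedia entry), the following Python walks through the SCRAM-SHA-256 exchange the text describes: the server stores a salt, iteration count and derived keys rather than the password, the client proves knowledge of the password over the salted derivation, and the server's signature provides the mutual authentication mentioned above. The user name, password and nonce sizes are constructed for the example.

```python
import base64
import hashlib
import hmac
import secrets

def h(data):
    return hashlib.sha256(data).digest()

def hmac_(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def derive_keys(password, salt, iterations):
    # Hi(password, salt, i) is PBKDF2-HMAC-SHA-256; ClientKey/ServerKey per RFC 5802
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac_(salted, b"Client Key"), hmac_(salted, b"Server Key")

def server_enroll(password, iterations=4096):
    # The server stores salt, iteration count, StoredKey and ServerKey, never the password
    salt = secrets.token_bytes(16)
    client_key, server_key = derive_keys(password, salt, iterations)
    return {"salt": salt, "i": iterations, "stored_key": h(client_key), "server_key": server_key}

def scram_exchange(user, password, record):
    # Runs the four SCRAM-SHA-256 messages between a client holding `password`
    # and a server holding `record`; returns True only if both sides authenticate
    c_nonce = base64.b64encode(secrets.token_bytes(18)).decode()
    client_first_bare = f"n={user},r={c_nonce}"
    # server-first-message: client nonce extended with a server nonce, plus salt and i
    s_nonce = c_nonce + base64.b64encode(secrets.token_bytes(18)).decode()
    server_first = f"r={s_nonce},s={base64.b64encode(record['salt']).decode()},i={record['i']}"
    # AuthMessage is what both sides MAC over; c= is the base64 GS2 header "n,,"
    client_final_bare = f"c={base64.b64encode(b'n,,').decode()},r={s_nonce}"
    auth_message = f"{client_first_bare},{server_first},{client_final_bare}".encode()
    # Client: derive keys from its password and the salt/i the server just sent
    attrs = dict(a.split("=", 1) for a in server_first.split(","))
    salt, iters = base64.b64decode(attrs["s"]), int(attrs["i"])
    client_key, expected_server_key = derive_keys(password, salt, iters)
    client_proof = xor(client_key, hmac_(h(client_key), auth_message))
    # Server: recover ClientKey from the proof and check it against StoredKey
    recovered_key = xor(client_proof, hmac_(record["stored_key"], auth_message))
    if not hmac.compare_digest(h(recovered_key), record["stored_key"]):
        return False
    # Server proves it holds ServerKey; the client's check completes mutual authentication
    server_signature = hmac_(record["server_key"], auth_message)
    return hmac.compare_digest(server_signature, hmac_(expected_server_key, auth_message))
```

Because the server keeps only StoredKey and ServerKey, a leaked record does not yield the password directly, and each record's distinct salt forces an attacker to repeat the iterated derivation per user.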