lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <2d6724810908100913s1a2d4fd5x1a4375a95408e467@mail.gmail.com>
Date: Mon, 10 Aug 2009 12:13:06 -0400
From: T Biehn <tbiehn@...il.com>
To: antisec@...hmail.com
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Salted passwords

I'm flattered; If you only knew what it was for...
IHBT?

-Travis

On Mon, Aug 10, 2009 at 12:08 PM, <antisec@...hmail.com> wrote:
> AntiSec would like to approach you by telling you to keep you
> whitehat filty ass off our list, Travis.
>
> Have a nice day sucking off Aitel.
>
> On Sun, 09 Aug 2009 20:14:57 -0400 T Biehn <tbiehn@...il.com> wrote:
>>Soliciting random suggestions.
>>Lets say I have data to one-way-hash.
>>The set has 9,999,999,999 members.
>>It's relatively easy to brute force this, or create precomp
>>tables.
>>So you add a salt to each.
>>Still easy to brute force.
>>If you were to create it in such a way that the hash could exist
>>anywhere in the set member, does this increase the cost of
>>computation
>>enough?
>>
>>That is, consider a member 'abcdefg' with salt 329938255.
>>When authenticating against the server, it must permute over all
>>possible combinations of the salt and the set member in order to
>>determine the validity of the password.
>>
>>If anyone has a better approach, or would like to approach me off
>>list, or knows of a list more suited to these queries please feel
>>free
>>to redirect me :)
>>
>>-Travis
>>
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ