lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 17 Feb 2013 20:43:04 +0000
From: Marsh Ray <>
To: Steve Thomas <>, ""
Subject: RE: [PHC] Different cost settings and optional input

From: Steve Thomas [] 
Sent: Sunday, February 17, 2013 2:03 AM
Subject: RE: [PHC] Different cost settings and optional input6.58

On February 17, 2013 at 1:18 AM Marsh Ray <> wrote: 
>  6,458,020 unique SHA1s were leaked from LinkedIn. So let's assume you are right on 50% cracked in one minute. If it was properly salted the best case is it will take 3,229,010 minutes (6,458,020 * 50%) or about six years. Granted crackers would be smarter on their guesses so it would be less than six years to crack 50%.

50% of the users selected one of the N_50 most common passwords. I'm guessing N_50 is well under 100,000.

So an attacker who was after the most number of passwords would try the most common N_50 against each hash in turn.

N_50 = 100,000

Attacker Hps = 10e9 sha1/s

Not salted: N_50 sha1 / Hps = 10 ms to crack 50% of passwords

Salted: N_50*6458020 = 65.8e9 sha1 / Hps = 6.58 s to crack 50% of passwords (plus 10 ms to build the dictionary)

So salting means the single-GPU attacker requires 6.58 s instead of 10 ms.

Am I wrong in my estimate of N_50? I got the impression from previous breaches that it was typically more like 10,000. What am I missing?

- Marsh

Powered by blists - more mailing lists