lists.openwall.net - Open Source and information security mailing list archives
Message-ID: <op.xc5s3ysiyldrnw@laptop-air>
Date: Sat, 22 Mar 2014 22:20:12 -0700
From: "Jeremy Spilman" <jeremy@...link.co>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Transforming hash to different cost setting

On Sat, 22 Mar 2014 22:06:57 -0700, Jeremy Spilman <jeremy@...link.co>  
wrote:

> If you start at 5/5 (meaning a single round at cost '5') and increase  
> all hashes offline to be 5/7 (consecutive rounds at 5, 6, 7) then you  
> want to find the single round (8/8?) which matches the latency of 5/7 as  
> closely as possible.

'5/7' could also mean consecutive rounds just at costs 5 and 7. There's no  
point in running more than one additional round for a single offline  
upgrade, since it's guaranteed to be less efficient than just picking one  
additional round/cost setting to add.

That is, unless you actually have stacked multiple offline upgrades onto  
the same hash while the user still hasn't ever successfully logged in, in  
which case you would be forced to keep stacking. But now we're storing  
'cost[]' with each hash.

As Krisztian pointed out, at some point you could just clear out JUST the  
password to force a reset if they ever do show back up. But then, to avoid  
the same attack, you need to actually hide this fact from the user.  
Luckily, they haven't logged into your system in so long, they can't  
possibly remember their old password, so they'll inevitably just blame  
themselves for forgetting it when they click 'Reset'. That is, unless  
they're using a password manager, in which case they'll probably assume  
your site was hacked.

Forget "too many secrets" more like "too many trade-offs"!
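
The stacked offline-upgrade scheme discussed in the message above, as an added example that is not part of the original post and not code from the PHC discussion. It assumes a toy "round at cost c" of PBKDF2-HMAC-SHA256 with 2^c iterations (a stand-in for a real memory-hard candidate), a record that stores the salt, the per-hash cost[] list and the current digest, an upgrade_offline() that wraps the stored digest in a further round without knowing the password, a verify() that replays the chain, an equivalent_single_cost() that picks the single round whose latency is nearest to the chain's, and a consolidate_on_login() that collapses the chain into one fresh round once the user has authenticated. All of these names are hypothetical.

```python
"""Stacked offline cost upgrades for stored password hashes (added example,
not from the original message). The KDF below is a toy stand-in."""
import hashlib
import hmac
import math
import os
from dataclasses import dataclass
from typing import List, Optional

DKLEN = 32


def round_at_cost(material: bytes, salt: bytes, cost: int) -> bytes:
    """One 'round at cost c'. Hypothetical stand-in: PBKDF2-HMAC-SHA256 with
    2**cost iterations, so cost+1 doubles the work like a PHC cost parameter."""
    return hashlib.pbkdf2_hmac("sha256", material, salt, 1 << cost, dklen=DKLEN)


@dataclass
class Record:
    salt: bytes
    costs: List[int]   # the per-hash 'cost[]' the message ends up storing
    digest: bytes


def chain(material: bytes, salt: bytes, costs: List[int]) -> bytes:
    """Replay the rounds in order, feeding each output into the next.
    The round index is mixed into the salt so that two stacked rounds at the
    same cost do not see identical inputs (assumes fewer than 256 rounds)."""
    for i, cost in enumerate(costs):
        material = round_at_cost(material, salt + bytes([i]), cost)
    return material


def create(password: bytes, cost: int, salt: Optional[bytes] = None) -> Record:
    """Fresh hash: a single round at 'cost', i.e. '5/5' in the message's notation."""
    salt = salt if salt is not None else os.urandom(16)
    return Record(salt, [cost], chain(password, salt, [cost]))


def upgrade_offline(rec: Record, new_cost: int) -> Record:
    """Strengthen a stored hash WITHOUT the password: wrap the current digest in
    one more round. Doing this repeatedly stacks entries onto costs[]."""
    idx = len(rec.costs)
    new_digest = round_at_cost(rec.digest, rec.salt + bytes([idx]), new_cost)
    return Record(rec.salt, rec.costs + [new_cost], new_digest)


def verify(password: bytes, rec: Record) -> bool:
    """Recompute the whole chain from the password and compare in constant time."""
    return hmac.compare_digest(chain(password, rec.salt, rec.costs), rec.digest)


def equivalent_single_cost(costs: List[int]) -> int:
    """Single cost whose latency is closest (in log2 terms) to the whole chain.
    A round at cost c does 2**c units of work, so the chain does sum(2**c)."""
    total_work = sum(1 << c for c in costs)
    return round(math.log2(total_work))


def consolidate_on_login(password: bytes, rec: Record,
                         target_cost: Optional[int] = None) -> Record:
    """Once the user authenticates we have the password again, so replace the
    stacked chain with a single fresh round (and a fresh salt)."""
    if not verify(password, rec):
        raise ValueError("password does not match; refusing to rehash")
    if target_cost is None:
        target_cost = equivalent_single_cost(rec.costs)
    return create(password, target_cost)


if __name__ == "__main__":
    pw = b"correct horse battery staple"   # constructed sample input
    rec = create(pw, 5)                      # 5/5
    rec = upgrade_offline(rec, 6)            # 5/6, user never logged in
    rec = upgrade_offline(rec, 7)            # 5/7 stacked again
    print("stacked costs:", rec.costs, "verify:", verify(pw, rec))
    print("nearest single round:", equivalent_single_cost(rec.costs))
    rec = consolidate_on_login(pw, rec)
    print("after login:", rec.costs, "verify:", verify(pw, rec))
```

With the toy cost model the chain 5/6/7 does 32 + 64 + 128 = 224 units of work, so the nearest single round is 2^8 = 256, which is the "8/8?" guessed in the quoted text; the two-round variant 5/7 (160 units) rounds to a single round at 7. Replaying the chain in verify() is what forces cost[] to be stored per hash for as long as the user stays away.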
