Date: Fri, 12 Dec 2014 11:48:49 +0100 (CET)
Subject: Re: [PHC] How important is salting really?

On Fri, 12 Dec 2014, Ben Harris wrote:

> On 12 December 2014 at 17:53, epixoip <> wrote:
>       Thus the salt table shrinks with each successful
>       crack, and the effective speed of the attack increases with each
>       eliminated salt.
> A rather confusing way to describe things. If we are attacking all password
> hashes, one password at a time (from the most common down), then each time we
> find a match, the pool of hashes decreases and subsequent passwords can be
> searched faster.

Ah, now I see what epixoip means. I don't think this comes even close to
a justification for *not* using salts.

> At the moment an attacker can calculate somewhere between 10^10 - 10^15
> SHA256 per dollar in electricity. They can scan a list of 1 million common
> passwords for about a thousandth of a cent. If this cost were much higher (>>
> $1), then the economics of the attacks would change.
> If there was no salt, then the cost would be drastically lower and the
> attacker could start the attack before getting the hashed passwords.

Yes, that was the point I was trying to make.

So long


------  I  love  the  taste  of  Cryptanalysis  in  the morning!  ------
--Stefan.Lucks (at), Bauhaus-Universität Weimar, Germany--
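
Added example, not part of the original message or of any poster's code: a small cost model for the two points made in this thread, counting SHA-256 evaluations for a common-password scan over salted records (the pool shrinks with each match) versus unsalted ones (a single table that can be built before any hashes are obtained). The function names, the account list and the candidate list are constructed for illustration.

```python
import hashlib
import os

def h(salt: bytes, password: str) -> bytes:
    """Single SHA-256 over salt || password (the primitive named in the thread)."""
    return hashlib.sha256(salt + password.encode()).digest()

def salted_work(records, candidates):
    """records: list of (salt, digest). Returns (hash evaluations, matches).
    Each candidate must be re-hashed once per salt still in the pool;
    a match removes that salt, so later candidates cost less."""
    remaining = list(records)
    work = recovered = 0
    for cand in candidates:
        still_unmatched = []
        for salt, digest in remaining:
            work += 1
            if h(salt, cand) == digest:
                recovered += 1
            else:
                still_unmatched.append((salt, digest))
        remaining = still_unmatched
    return work, recovered

def unsalted_work(digests, candidates):
    """Without a salt, one table covers every account and depends only on the
    candidate list, so it can be computed before the hashes are known."""
    table = {h(b"", c) for c in candidates}
    work = len(candidates)
    recovered = sum(1 for d in digests if d in table)
    return work, recovered

def demo():
    # Constructed sample data: six accounts, four of them using common passwords.
    candidates = ["123456", "password", "qwerty", "letmein"]
    accounts = ["123456", "password", "123456", "x9!Lr#27vQ", "qwerty", "T7&hh2@kPz"]
    salted = []
    for pw in accounts:
        salt = os.urandom(16)  # unique random salt per account
        salted.append((salt, h(salt, pw)))
    unsalted = [h(b"", pw) for pw in accounts]
    return salted_work(salted, candidates), unsalted_work(unsalted, candidates)

if __name__ == "__main__":
    (s_work, s_hits), (u_work, u_hits) = demo()
    print(f"salted:   {s_work} hashes for {s_hits} matches")
    print(f"unsalted: {u_work} hashes for {u_hits} matches (precomputable)")
```

With salts the scan costs 6 + 4 + 3 + 2 = 15 evaluations rather than the 24 a non-shrinking pool would need, which is the speed-up epixoip describes; without salts the same four matches cost 4 evaluations regardless of how many accounts exist.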
