Message-ID: <548BE4B1.2050106@bindshell.nl>
Date: Fri, 12 Dec 2014 23:03:13 -0800
From: epixoip <epixoip@...dshell.nl>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] How important is salting really?

On 12/12/2014 2:25 PM, Dennis E. Hamilton wrote:
> --Responding to--
> From: epixoip [mailto:epixoip@...dshell.nl]
> Sent: Friday, December 12, 2014 13:10
> To: discussions@...sword-hashing.net
> Subject: Re: [PHC] How important is salting really?
>
> [ ... ]
>
> It's not just about indexing by salt, though. You still have to maintain
> a list of salts to hash each plaintext candidate with, and remove salts
> from said list when a salt is eliminated. Regardless of how you do it,
> it is the number of salts, not the number of hashes, that slows down a
> cracking job. Unless you are working with very large lists on AMD GPUs,
> but that's a whole nother can of worms.
>
> <orcnote>
> I believe there is no need for the defender to maintain an index of
> used salts

We're talking about password cracking software, not defenders.

> In this way, the adversary has to deal with each salt||hash combo as
> unique, with no opportunity to exploit duplications.

We don't get an opportunity to exploit duplications, but we still get a
speedup by maintaining a separate salt table, even if all salts are
unique. You eliminate more salts faster by looping over the salts for
each word in a wordlist, as opposed to looping over the wordlist for
each hash.
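
The salt-table bookkeeping discussed in the message above, as an added example that is not part of the original post: a defender-side audit that groups stored hashes by salt and reports how many hash computations a single guess costs against the store. The record layout, sample data, and all function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records (user, salt, hash). The hash values are opaque
# placeholders, because only the grouping by salt matters for the cost.
SHARED_SALT = [(f"user{i}", "s0", f"h{i}") for i in range(1000)]
UNIQUE_SALTS = [(f"user{i}", f"s{i}", f"h{i}") for i in range(1000)]


def build_salt_table(records):
    """Group stored hashes by salt: salt -> set of hashes not yet recovered."""
    table = defaultdict(set)
    for _user, salt, digest in records:
        table[salt].add(digest)
    return dict(table)


def cost_per_candidate(table):
    """Hash computations one candidate password costs: one per live salt."""
    return len(table)


def mark_recovered(table, salt, digest):
    """Drop a recovered hash; a salt leaves the table only once it is empty."""
    remaining = table.get(salt)
    if remaining is None:
        return
    remaining.discard(digest)
    if not remaining:
        del table[salt]


def salt_reuse_report(records):
    """Summary for an audit: distinct hashes, salts, largest group per salt."""
    table = build_salt_table(records)
    sizes = [len(hashes) for hashes in table.values()]
    return {
        "distinct_hashes": sum(sizes),
        "salts": len(table),
        "largest_shared_group": max(sizes, default=0),
    }
```

A store where `salts` equals `distinct_hashes` forces one hash computation per account for every guess; any `largest_shared_group` above 1 marks accounts that are tested together for the price of one.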