lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 13 Mar 2015 09:34:28 -0400
From: Jeremy Spilman <>
To: "" <>
Subject: Re: [PHC] Password hashing by itself is not enough

> On Mar 13, 2015, at 8:43 AM, Justin Cappos <> wrote:
> Multiple passwords protect a secret that obscures all of the hashes.  This makes it so that groups of passwords must be checked together and all must be correct to learn if any were correct.

Or, pull the secret from memory when you steal the hashes?

I do think it's a very innovative way to hide a key! How does it compare to, say, a pepper which is only kept in RAM?

In either case you need some admin (threshold account) input when the server first boots to ensure all users can immediate start logging in. In either case the secret can be stolen over the network from a compromised server. 

The volatile pepper would be just 32-64 byte rand, so either you steal it from RAM and you crack passwords as usual, or you don't steal it and you crack zero passwords.

The PolyPass secret key has an effective entropy probably close enough to that to achieve the same effect, assuming public users can't stuff the database with their own accounts to be able to reconstruct the secret.

Powered by blists - more mailing lists