Re: [Full-disclosure] Salted passwords

I'm not a crypto guru, but it seems to me that this issue can be
crypto-anlayses somewhat like the speedups used to find hash collisions (if
I understand them at all).

The goal in both cases is to find a hash that 'collides' with a known hash
(password hash, or CC number of 6 BIN digits, 9,999,999,999 values and 1
checkdigit) from a known format.
i.e pre-compute some portion of the salt+_static_string_portion, then
brute-force the remainder of the string.

As long as the salt is private or long enough, then does it matter?

-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of T Biehn
Sent: Tuesday, 11 August 2009 6:51 AM
To: Valdis.Kletnieks@xxxxxx
Cc: full-disclosure
Subject: Re: [Full-disclosure] Salted passwords

I don't have control over the set. Sorry I wasn't more explicit about this.
Although, it should have been obvious that the solution needed to satisfy
the conditions:
Data to one way hash.
The set has 9,999,999,999 members.

Thanks for your input sweetie!


On Mon, Aug 10, 2009 at 4:26 PM, <Valdis.Kletnieks@xxxxxx> wrote:
On Sun, 09 Aug 2009 20:14:57 EDT, T Biehn said:
Soliciting random suggestions.
Lets say I have data to one-way-hash.
The set has 9,999,999,999 members.

Actually, if you're using a 10-digit decimal field, you probably have
10**10 possible members - all-zeros counts too (unless there's *other*
reasons zero isn't a legal ID).  It's those little off-by-one errors that
tend to get you.

It's relatively easy to brute force this, or create precomp tables.

That's because you only have 10M billion members to brute force against.

So you add a salt to each.

A better idea cryptographically would be to fix the 10**10 member
limit, so that the set *could* have a much higher possible number of
members.  Even staying at 10 characters, but allowing [A-Za-z0-9] (62
possible chars) raises your space to 62**10 or about 8.3*10**17 (or almost
10M times the difficuly).
That's why most symmetric crypto algorithms use at least 64-bit or
even larger keys, and even larger for RSA and similar public-key systems.

pgp pgp

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Relevant Pages