[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Salted passwords
- To: "'T Biehn'" <tbiehn@xxxxxxxxx>, <Valdis.Kletnieks@xxxxxx>
- Subject: Re: [Full-disclosure] Salted passwords
- From: "Lyal Collins" <lyalc@xxxxxxxxxx>
- Date: Tue, 11 Aug 2009 15:27:45 +1000
I'm not a crypto guru, but it seems to me that this issue can be
crypto-anlayses somewhat like the speedups used to find hash collisions (if
I understand them at all).
The goal in both cases is to find a hash that 'collides' with a known hash
(password hash, or CC number of 6 BIN digits, 9,999,999,999 values and 1
checkdigit) from a known format.
i.e pre-compute some portion of the salt+_static_string_portion, then
brute-force the remainder of the string.
As long as the salt is private or long enough, then does it matter?
lyalc
-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of T Biehn
Sent: Tuesday, 11 August 2009 6:51 AM
To: Valdis.Kletnieks@xxxxxx
Cc: full-disclosure
Subject: Re: [Full-disclosure] Salted passwords
Valdis,
I don't have control over the set. Sorry I wasn't more explicit about this.
Although, it should have been obvious that the solution needed to satisfy
the conditions:
Data to one way hash.
The set has 9,999,999,999 members.
Thanks for your input sweetie!
-Travis
On Mon, Aug 10, 2009 at 4:26 PM, <Valdis.Kletnieks@xxxxxx> wrote:
> On Sun, 09 Aug 2009 20:14:57 EDT, T Biehn said:
>> Soliciting random suggestions.
>> Lets say I have data to one-way-hash.
>> The set has 9,999,999,999 members.
>
> Actually, if you're using a 10-digit decimal field, you probably have
> 10**10 possible members - all-zeros counts too (unless there's *other*
> reasons zero isn't a legal ID). It's those little off-by-one errors that
tend to get you.
> ;)
>
>> It's relatively easy to brute force this, or create precomp tables.
>
> That's because you only have 10M billion members to brute force against.
>
>> So you add a salt to each.
>
> A better idea cryptographically would be to fix the 10**10 member
> limit, so that the set *could* have a much higher possible number of
> members. Even staying at 10 characters, but allowing [A-Za-z0-9] (62
> possible chars) raises your space to 62**10 or about 8.3*10**17 (or almost
10M times the difficuly).
> That's why most symmetric crypto algorithms use at least 64-bit or
> even larger keys, and even larger for RSA and similar public-key systems.
>
>
--
pgp http://pastebin.com/f6fd606da pgp
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/