undefined | Better HN

0 pointstptacek17y ago0 comments

The salt is "439a". The MD5 hash of a<439a> is "57ec1dc4757768c9961ec5a46eb2a36f". Did that match? No? The MD5 hash of aa<439a> is "91b0655c6ab36ee9fc9fea0bda7f78ab". Did that match? No? The MD5 hash of aal<439a> is "9c9e018c05d4d7a36b31eb17e3b71c7d". Did that match? Yes? You win.

The point is, MD5 is extremely fast. Speed is one of the top 3 design goals of MD5, SHA1, and SHA256.

0 comments

5 comments · 2 top-level

stcredzero17y ago· 2 in thread

How about using 2048 bit RSA as a hash function? That's going to be a lot slower.

tptacekOP17y ago

Using RSA directly as a block transform is extremely dangerous; the thing you have to remember about RSA is that, more than most other crypto operations, RSA is just a simple math problem. You are vanishingly unlikely to use RSA directly in your code without introducing a vulnerability.

That said, two responses:

(1) Yes, MD5+RSA is slower (and thus better) than just MD5.

(2) But we're quibbling, because bcrypt is tunably slower, designed specifically for this problem, free, and available for most dev environments.

stcredzero17y ago

Source of confusion: bcrypt is also the name for a utility using Blowfish. bcrypt-ruby looks pretty cool.

modoc17y ago· 1 in thread

As I mention in my other post, with current hardware, my understanding is that that type of attack would take on average one year per account.

Obviously strict password rules (minimum length, etc...) shrink the attack space dramatically, but it's still a long time per hash/account. Given the number of sites/applications out there that don't use salts, and hence ARE vulnerable to a 1 hour attack using an existing rainbow file, I'm not sure why a cracker (who isn't targeting your site/app over every other site/app specifically) would bother.

tptacekOP17y ago

You might direct that question to Alec Muffett, who wrote Crack, and Solar Designer, who wrote John the Ripper, both of which have cracked salted hash passwords for over a decade.

j / k navigate · click thread line to collapse