Password encryption
Joseph Tam
jtam.home at gmail.com
Sat Oct 28 02:19:56 EEST 2017
On Sat, 28 Oct 2017, Aki Tuomi wrote:
> A random article on the internet ...
That would be funny to see in a bibliography. "According to [RANDOM] ..."
> says it's rather feasible if you want passwords cracked. Of course if
> the passwords are longer than, say, 8 characters, it becomes less
> feasible. My point wasn't to say that SHA512 is fully insecure, and
> adding rounds does make it less so as the expenses rack up.
>
> https://killtacknine.com/test-driving-google-cloud-gpus-with-hashcat/
>
> It's not available on the graphics (puzzling), but if you look at the
> gist, it'll show that SHA512-CRYPT is cracked at 247.9 kH/s and
> MD5-CRYPT (salted MD5) at 17579.7 kH/s.
Well, let's see. The expected time to crack an 8-character alphanumeric password
(pretty much scraping the bottom of the strength policy barrel):
62^8/247900/2 ~ 14 years (SHA512-CRYPT)
62^8/17579700/2 ~ 72 days (MD5-CRYPT)
Not trivial, but not reassuring, especially since processors get
faster.
>> This is especially true if the hashes are guarded against leakage, as
>> most are. Strong crypt-hashes are an extra layer of protection
>> (defense in depth).
>
> Yet these leaks, they seem to occur.
True enough. Case in point:
https://techcrunch.com/2016/08/30/dropbox-employees-password-reuse-led-to-theft-of-60m-user-credentials/
(Ironic note: even though half the passwords were using a straight
SHA1 hash and thus much weaker, they did not leak the associated
salt, and thus, were useless. The bcrypt hashes though, included
the salt and were vulnerable.)
Takeaway: use a strong password -- the hardest crypt algorithm in the
world can't save you if you don't.
Joseph Tam <jtam.home at gmail.com>