Hi gang,

As an outsider, sort of, looking in I had an interesting thought about this. Since insider threats are the biggest problem, what vector could an insider use against password hashes to gain root password access?

The problem with Rainbow tables is that they would be too massive when the salt was 4096 to be practical unless you had the power of NSA or an equivalent supporting your efforts.

However, what about attacking the salt? How good is the PRNG for the salt? Is it at all predictable?

Here is one approach that might work. Keep entering the same password(s) and collecting the resultant hashes until you get several duplicates. Then analyze the results to see if there is a pattern to the repetition that would allow for a birthday attack against the salt that would allow an attack against the root password hash or other administrative rights password hashes that could be collected.

I suspect this would be somewhat difficult to code but once done almost the entire attack could be done off-line on a machine that uses the same password hash creation mechanism so you wouldn't trigger an IDS or similar audit process on the network under attack.

Given the long history of industrial espionage in the corporate world I'm sure that there are probably small teams working to collect information that have somewhat more resources than an individual or outsider group might have, making the effort required feasible.




Leichter, Jerry wrote:
| ...One sometimes sees claims that increasing the salt size is important.
| That's very far from clear to me.  A collision in the salt between
| two entries in the password file lets you try each guess against two
| users' entries.  Since calculating the guess is the hard part,
| that's a savings for the attacker.  With 4K possible salts, you'd need a


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to