On Sun, 28 Jan 2007, Steven M. Bellovin wrote:

> Beyond that, 60K doesn't make that much of a difference even with a
> traditional /etc/passwd file -- it's only an average factor of 15
> reduction in the attacker's workload. While that's not trivial, it's
> also less than, say, a one-character increase in average password
> length. That said, the NetBSD HMAC-SHA1 password hash, where I had
> some input into the design, uses a 32-bit salt, because it's free.
In many cases the real goal is not to find all (or many) passwords, but to find at least one, so one may concentrate on the most often used salt. (Of course, with 60K passwords there is almost for sure at least one "password1" or "Steven123" and thus the salts are irrelevant.)

--
Regards,
ASK

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
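The two numbers in this exchange (a "factor of 15" for 60K accounts, and a per-salt bucket an attacker might concentrate on) can be checked with a short occupancy calculation. The following is an added example, not code from either poster or from NetBSD. It assumes that the baseline Bellovin has in mind is the traditional 12-bit crypt(3) salt (4096 values, so 60000/4096 is about 14.6), and it uses PBKDF2-HMAC-SHA256 for the illustrative salted digest rather than the NetBSD HMAC-SHA1 scheme; the 60,000-account figure is taken from the thread and the seed is arbitrary.

```python
"""Quantify how salt width changes the cost of sweeping a leaked
password-hash file.  Added example; account count and salt widths are
assumptions chosen to match the numbers discussed in the thread."""
import hashlib
import random
from collections import Counter


def expected_distinct_salts(n_accounts: int, salt_bits: int) -> float:
    """Expected number of distinct salt values among n_accounts accounts
    when each salt is drawn uniformly from 2**salt_bits possibilities
    (the classic occupancy formula)."""
    space = 2 ** salt_bits
    return space * (1 - (1 - 1 / space) ** n_accounts)


def workload_reduction(n_accounts: int, salt_bits: int) -> float:
    """Checking one candidate password against every account costs one
    hash per *distinct* salt, not one per account.  Returns
    n_accounts / expected_distinct_salts, i.e. how much cheaper a sweep
    of the whole file is than it would be with a unique salt per account.
    With 60K accounts this is ~14.6 for 12-bit salts and ~1.0 for 32-bit."""
    return n_accounts / expected_distinct_salts(n_accounts, salt_bits)


def simulate_salt_buckets(n_accounts: int, salt_bits: int, seed: int = 1) -> dict:
    """Draw n_accounts random salts and report how they cluster.  The
    largest bucket is the relevant quantity for the point made in the
    reply: someone who only needs *one* password gains by concentrating
    on the most-used salt, and a wide salt shrinks that bucket to ~1."""
    rng = random.Random(seed)  # fixed seed so the run is reproducible
    counts = Counter(rng.getrandbits(salt_bits) for _ in range(n_accounts))
    largest = counts.most_common(1)[0][1]
    return {
        "distinct_salts": len(counts),
        "largest_bucket": largest,
        "largest_bucket_share": largest / n_accounts,
    }


def salted_digest(password: str, salt: bytes) -> str:
    """Salted hash using PBKDF2-HMAC-SHA256 (an assumption for
    illustration; the thread's NetBSD scheme is HMAC-SHA1 based).  Shows
    that the same password under two salts yields unrelated digests, which
    is why each distinct salt forces a separate hash computation."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000).hex()


if __name__ == "__main__":
    n = 60_000  # the "60K" file from the thread
    for bits in (12, 32):
        print(f"{bits}-bit salt: expected distinct salts "
              f"{expected_distinct_salts(n, bits):.1f}, "
              f"sweep cheaper by x{workload_reduction(n, bits):.2f}, "
              f"buckets {simulate_salt_buckets(n, bits)}")
    print("different salt, different digest:",
          salted_digest("password1", b"\x00" * 4)
          != salted_digest("password1", b"\x01" * 4))
```

Running it shows why a 32-bit salt is worth taking when it is free: with 12-bit salts the 60K file collapses to all 4096 salt values, the most-used salt covers a few dozen accounts, and a full sweep costs roughly 1/15 of the unique-salt case; with 32-bit salts there are essentially no shared salts, so neither the full sweep nor the "just one password" strategy gets any discount from salt reuse. The reply's second point stands either way: the salt width does nothing against an account whose password is itself a top guess.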
