Is there any kind of recent estimation of what kind of hashing power we should expect identity thieves and other attackers to posses? Is there public research to demonstrate what kind of cost would be associated with, say, 10B, 50B, 100B SHA-256 hashes per second? Can we expect the cost for increasing the speed of hashing to increase linearly for all hashes?
To get started, I found a few numbers on hashcat.net: Hash Type PC1 PC2 PC3 PC4 PC5 MD4 15445M c/s 4245M c/s 19868M c/s 5718M c/s 183232M c/s MD5 7893M c/s 2802M c/s 10436M c/s 3178M c/s 93800M c/s SHA1 2495M c/s 879M c/s 3833M c/s 1103M c/s 29528M c/s SHA256 1036M c/s 337M c/s 1413M c/s 406M c/s 12328M c/s SHA512 179M c/s 103M c/s 383M c/s 90M c/s 1952M c/s SHA-3(Keccak) 157M c/s 91M c/s 277M c/s 111M c/s 2005M c/s The scrypt paper has a table with cost estimates: Table 1. Estimated cost of hardware to crack a password in 1 year. KDF 6 letters 8 letters 8 chars 10 chars 40-char text 80-char text DES CRYPT < $1 < $1 < $1 < $1 < $1 < $1 MD5 < $1 < $1 < $1 $1.1k $1 $1.5 TMD5 CRYPT < $1 < $1 $130 $1.1M $1.4k $1.5 × 10^15 PBKDF2 (100 ms) < $1 < $1 $18k $160M $200k $2.2 × 10^17 bcrypt (95 ms) < $1 $4 $130k $1.2B $1.5M $48B scrypt (64 ms) < $1 $150 $4.8M $43B $52M $6 × 10^19 PBKDF2 (5.0 s) < $1 $29 $920k $8.3B $10M $11 × 10^18 bcrypt (3.0 s) < $1 $130 $4.3M $39B $47M $1.5T scrypt (3.8 s) $900 $610k $19B $175T $210B $2.3 × 10^23 How realistic are these numbers (and are the odd drops such as $175T -> $210B typo's?), how modern are they and is there any other reliable research in this area? In particular, I'm interested in finding out about the different class of attackers and what kind of hashing power we might expect from them (script kiddy, criminal group with eg. a botnet, state / well funded organization). — Maarten Billemont (lhunath) — me: http://www.lhunath.com – business: http://www.lyndir.com – http://masterpasswordapp.com
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography