Is there any kind of recent estimation of what kind of hashing power we should 
expect identity thieves and other attackers to possess?  Is there public 
research to demonstrate what kind of cost would be associated with, say, 10B, 
50B, 100B SHA-256 hashes per second?  Can we expect the cost for increasing the 
speed of hashing to increase linearly for all hashes?

To get started, I found a few numbers on hashcat.net:

Hash Type       PC1         PC2         PC3         PC4         PC5
MD4             15445M c/s  4245M c/s   19868M c/s  5718M c/s   183232M c/s
MD5             7893M c/s   2802M c/s   10436M c/s  3178M c/s   93800M c/s
SHA1            2495M c/s   879M c/s    3833M c/s   1103M c/s   29528M c/s
SHA256          1036M c/s   337M c/s    1413M c/s   406M c/s    12328M c/s
SHA512          179M c/s    103M c/s    383M c/s    90M c/s     1952M c/s
SHA-3(Keccak)   157M c/s    91M c/s     277M c/s    111M c/s    2005M c/s

The scrypt paper has a table with cost estimates:

Table 1. Estimated cost of hardware to crack a password in 1 year.

KDF             6 letters   8 letters   8 chars     10 chars    40-char text    80-char text
DES CRYPT       < $1        < $1        < $1        < $1        < $1            < $1
MD5             < $1        < $1        < $1        $1.1k       $1              $1.5
TMD5 CRYPT      < $1        < $1        $130        $1.1M       $1.4k           $1.5 × 10^15
PBKDF2 (100 ms) < $1        < $1        $18k        $160M       $200k           $2.2 × 10^17
bcrypt (95 ms)  < $1        $4          $130k       $1.2B       $1.5M           $48B
scrypt (64 ms)  < $1        $150        $4.8M       $43B        $52M            $6 × 10^19
PBKDF2 (5.0 s)  < $1        $29         $920k       $8.3B       $10M            $11 × 10^18
bcrypt (3.0 s)  < $1        $130        $4.3M       $39B        $47M            $1.5T
scrypt (3.8 s)  $900        $610k       $19B        $175T       $210B           $2.3 × 10^23

How realistic are these numbers (and are the odd drops such as $175T -> $210B 
typos?), how modern are they and is there any other reliable research in this 
area?  In particular, I'm interested in finding out about the different classes 
of attackers and what kind of hashing power we might expect from them (script 
kiddie, criminal group with e.g. a botnet, state / well funded organization).


— Maarten Billemont (lhunath) —
me: http://www.lhunath.com – business: http://www.lyndir.com – http://masterpasswordapp.com

_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
