On Sat, 28 Oct 2017, Aki Tuomi wrote:
A random article on the internet ...
That would be funny to see in a bibliography. "Accoring to [RANDOM] ..."
says it's rather feasible if you want passwords cracked. Of course if
the passwords are longer than, say, 8 characters, it becomes less
feasible. My point wasn't to say that SHA512 is fully insecure, and
adding rounds does make it less so as the expenses rack up.
https://killtacknine.com/test-driving-google-cloud-gpus-with-hashcat/
It's not available on the graphics (puzzling), but if you look at the
gist, it'll show that SHA512-CRYPT is cracked at 247.9 kH/s and
MD5-CRYPT (salted MD5) at 17579.7 kH/s.
Well, let's see. The expected time to crack an 8 alphanumeric password
(pretty much scraping the bottom of the strength policy barrel)
62^8/247900/2 ~ 14years (SHA512-CRYPT)
62^8/17579700/2 ~ ~72 days (MD5-CRYPT)
Not trivial, but not reassuring, especially since processors get
faster.
This is especially true if the hashes are guarded against leakage, as
most are. Strong crypt-hashes are an extra layer of protection
(defense in depth).
Yet these leaks, they seem to occur.
True enough. Case in point:
https://techcrunch.com/2016/08/30/dropbox-employees-password-reuse-led-to-theft-of-60m-user-credentials/
(Ironic note: even though half the passwords were using a straight
SHA1 hash and thus much weaker, they did not leak the associated
salt, and thus, were useless. The bcrypt hashes though, included
the salt and were vulnerable.)
Take away: use a strong password -- the hardest crypt algortihm in the
world can't save you if you don't.
Joseph Tam <[email protected]>
