Soliciting random suggestions. Lets say I have data to one-way-hash. The set has 9,999,999,999 members. It's relatively easy to brute force this, or create precomp tables. So you add a salt to each. Still easy to brute force. If you were to create it in such a way that the hash could exist anywhere in the set member, does this increase the cost of computation enough?
That is, consider a member 'abcdefg' with salt 329938255. When authenticating against the server, it must permute over all possible combinations of the salt and the set member in order to determine the validity of the password. If anyone has a better approach, or would like to approach me off list, or knows of a list more suited to these queries please feel free to redirect me :) -Travis _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
