On Jul 31, 2009, at 12:56 PM, Julio wrote:

>> If we have a deterministic (1:1) transform t() of the password, then
>> hash(t(password)) is exactly some hash'(password). We've redefined the
>> hash function, and all we have to do is to create a new rainbow table
>> for that function. That is, you can consider any 1:1 pre-hash
>> transform of the password to be part of the hash function itself.
>> Sure, if hash() was md5(), then hash'() will be something else, and
>> you won't be able to take advantage of public rainbow tables. But you
>> can create your own rainbow table for hash'.
>>
>
> I think here is where the source of confusion is; for the record, I am
> not talking about a brute force known hash attack (which, incidentally,
> the "random" salt used in your approach becomes "known" anyway).
>
> If I read you correctly, you are saying that all you need to do is
> generate a custom rainbow table with hash(t(password)) and you'll be
> set. What I am saying is that you will have to generate that custom
> rainbow table for *each* record you'd like to crack,
No, that's not the case. You need only one rainbow table for the new
hash' function and you're done. hash(t(p)) is simply hash'(p), and all
you need is the rainbow table for hash' instead of hash. But this only
works when t(p) is a 1:1 transform, and that's not the case for random
salt, even if the salt is non-secret.

> now my point is that your approach is exactly the same as the one I
> said earlier: by adding a pseudo-random number as the salt, and that
> salt is 100% discoverable (deterministic), you are just playing the
> same game but with a different ball.

You received this message because you are subscribed to the Google Groups "web2py-users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [email protected]
For more options, visit this group at http://groups.google.com/group/web2py?hl=en
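The distinction the reply draws (a fixed 1:1 transform t() just defines a new function hash' that one precomputed table covers, whereas a per-record random salt forces the attacker to redo the dictionary work for every record) can be checked with a few lines of code. The script below is an added example and is not code from the thread or from web2py; it assumes SHA-256 as the underlying hash, an arbitrary made-up transform t(), and a constructed six-word dictionary and three-user database. A plain digest-to-password lookup table stands in for a rainbow table (rainbow tables trade storage for time with hash/reduce chains, but the "one table per hash function" argument is the same).

```python
import hashlib
import os

# Constructed sample data for the example (not from the thread): the
# attacker's candidate-password list and the users whose records are stolen.
DICTIONARY = ["letmein", "password", "hunter2", "qwerty", "web2py", "secret"]
USERS = {"alice": "hunter2", "bob": "qwerty", "carol": "web2py"}


def t(password: str) -> str:
    """Deterministic 1:1 pre-hash transform (made-up for the example: an
    application-wide fixed string plus the reversed password). Any fixed,
    injective rule behaves the same way for the argument below."""
    return "app-specific-prefix:" + password[::-1]


def hash_prime(password: str) -> str:
    """hash'(p) = hash(t(p)): the composed function the reply calls hash'."""
    return hashlib.sha256(t(password).encode()).hexdigest()


def salted_hash(salt: bytes, password: str) -> str:
    """hash(salt || p) with a per-record random salt. As a function of the
    password alone this is not 1:1, because the salt changes per record."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def build_table(hash_fn):
    """Precompute digest -> password over the whole dictionary.
    Returns the table and the number of hash evaluations it cost."""
    table = {hash_fn(p): p for p in DICTIONARY}
    return table, len(DICTIONARY)


def attack_deterministic():
    """One table for hash' cracks every record.
    Total work: len(DICTIONARY) hashes, independent of the record count."""
    stored = {user: hash_prime(pw) for user, pw in USERS.items()}
    table, work = build_table(hash_prime)
    cracked = {user: table.get(digest) for user, digest in stored.items()}
    return cracked, work


def attack_salted():
    """Per-record random salt. Returns (cracked, reused_hits, work):
    reused_hits counts records a table built for ONE salt recovers (only
    that salt's own record), and work is the cost of the attack that does
    succeed: one dictionary pass per record, len(DICTIONARY) * len(USERS)."""
    stored = {}
    for user, pw in USERS.items():
        salt = os.urandom(16)  # non-secret; stored next to the digest
        stored[user] = (salt, salted_hash(salt, pw))

    # Attempt to reuse a single table, built with the first record's salt.
    first_salt = next(iter(stored.values()))[0]
    one_table, _ = build_table(lambda p: salted_hash(first_salt, p))
    reused_hits = sum(1 for _, digest in stored.values() if digest in one_table)

    # What actually works: rebuild the table for each distinct salt.
    cracked, work = {}, 0
    for user, (salt, digest) in stored.items():
        table, cost = build_table(lambda p, s=salt: salted_hash(s, p))
        work += cost
        cracked[user] = table.get(digest)
    return cracked, reused_hits, work


if __name__ == "__main__":
    print("deterministic t():", attack_deterministic())
    print("random per-record salt:", attack_salted())
```

Running it shows the fixed transform costing the attacker 6 hashes for all three records, while the salted records cost 18 (6 per record) and the single reused table recovers exactly one of them. Scaling the user count multiplies the salted attacker's work linearly and leaves the deterministic attacker's work unchanged, which is the asymmetry the reply is describing.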

