Date: Thu, 24 May 2012 20:51:13 +0200 From: Frank Dittrich <frank_dittrich@...mail.com> To: john-users@...ts.openwall.com Subject: Re: Can Excessive Rounds make Password cracking Infeasable On 05/24/2012 08:22 PM, Brad Tilley wrote: >> If you don't have a single-user system, but a server that is used by >> thousands of users who all login at nearly the same time, the possible >> delay will be much longer, and the server will hardly be usable for >> other activities during those times. > > Yes, thanks Frank. I understand that and have no disputes or questions > about that. I just wanted to point out that there are other limits for increasing the iteration count. E.g., SAP's latest hash algorithm also allows the admin to adjust the iteration count. If I set the iteration count to the highest possible value, logging into the SAP system on my laptop takes roughly half an hour. And this is just for computing a single hash. Add a password history size of 10 (also configurable by the admin to prevent password reuse), and it would take the whole day to login, wouldn't they run into a timeout. > My question is about the feasibility of cracking such hashes. Then the answer to your question might be: Get a large number of hashes for fast saltless hash algorithm, see how many passwords you crack in the first hour. Divide the average reported c/s rate by the average number of uncracked hashes. Also note the percentage of cracked passwords. Then try an arbitrary attack (e.g. incremental mode) against your single hash which also runs at least one hour without finding the correct password. Interrupt after an hour, check the reported c/s rate. By comparing the c/s rate with the result you got in your first attempt, you learn how long cracking the high iteration count salted hash takes if you want to get a comparable success rate. (Don't forget to multiply this with the number of different salts you are attacking simultaneously.) If you want to know the probability of cracking such a password in a given time (say one week), just calculate how long you would have to run your password cracking attempt for the fast hash to process a comparable number of candidate passwords. Then check what percentage of fast hashes you cracked in in this time. This would give you at least a good enough estimate. Frank
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.