Re: Salted passwords

[T Biehn <tbiehn () gmail com>]

I'm flattered; If you only knew what it was for...
IHBT?

-Travis

On Mon, Aug 10, 2009 at 12:08 PM, <antisec () hushmail com> wrote:
> AntiSec would like to approach you by telling you to keep you
> whitehat filty ass off our list, Travis.
>
> Have a nice day sucking off Aitel.
>
> On Sun, 09 Aug 2009 20:14:57 -0400 T Biehn <tbiehn () gmail com> wrote:
> > Soliciting random suggestions.
> > Lets say I have data to one-way-hash.
> > The set has 9,999,999,999 members.
> > It's relatively easy to brute force this, or create precomp
> > tables.
> > So you add a salt to each.
> > Still easy to brute force.
> > If you were to create it in such a way that the hash could exist
> > anywhere in the set member, does this increase the cost of
> > computation
> > enough?
> >
> > That is, consider a member 'abcdefg' with salt 329938255.
> > When authenticating against the server, it must permute over all
> > possible combinations of the salt and the set member in order to
> > determine the validity of the password.
> >
> > If anyone has a better approach, or would like to approach me off
> > list, or knows of a list more suited to these queries please feel
> > free
> > to redirect me :)
> >
> > -Travis
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/