nanog mailing list archives
RE: MD5 is too fast
From: Vasilenko Eduard via NANOG <nanog () lists nanog org>
Date: Mon, 15 Sep 2025 06:06:47 +0000
If it is so easy to enforce long enough and random enough passwords, Then why did IT people move to hashes with much lower speed? Take, for example, 16 really random letters (on keyboard), then the time to check all MD5s would go to 9.2B years (for the same 8 cards "NVIDIA GeForce RTX 5090"). Even if the attacker gets access to 100k of "NVIDIA GeForce RTX 5090", it is still 0.72M years. 16 random letters are definitely enough for the purpose. Ed/ -----Original Message----- From: Jay Acuna via NANOG <nanog () lists nanog org> Sent: Friday, September 12, 2025 18:17 To: North American Network Operators Group <nanog () lists nanog org> Cc: Jay Acuna <mysidia () gmail com> Subject: Re: MD5 is too fast On Thu, Sep 11, 2025 at 10:17 AM nanog--- via NANOG <nanog () lists nanog org> wrote:
See; The simple policy of: Routing protocol keys are to be created using "pwgen 85" or at least "pwgen 38". Never create a key by hand. This rule preferably applies to all `passwords' sent over the network or keys which secure a network protocol, even if encrypted transport is used, and even if hashed.
Have you calculated how long it should take to test all 80-bit passwords? 200-bit passwords? 2000-bit passwords?
A password with 80bits randomness or entropy (An ~11-character properly generated random password) contains 2^80 = 1208925819614629174706176 possibilities. If you can make 1 Trillion guesses per second, then it takes on average 19167 years to crack. That is the expectation if the hash is secure. You divide the number of possibilities by (two times the number of guesses per second)*86400*365. Current hardware gets you 80 million guesses per second per GPU for about $1800 per node, So the 1 trillion guesses per second is 12,500 hardware nodes obtainable by spending approximately $22.5 million. At that rate you need approximately 10 years' worth of brute forcing before you have a >= 0.1% chance of guessing it randomly. Each additional bit doubles the figures up to approximately 128 bits. Where you are looking at a 5395141535403007094 years to crack on average. Adding bits will eventually reach the problem that your hashing algorithm only maps inputs to 256 bits of output, so the adversary could guess a different password from yours which happens to hash to the same value as the correct one.
Suppose that a good server can try about a billion passwords per second. How long do you think it takes to try all the passwords?
-- -JA _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog () lists nanog org/message/BNJVO2FJCT7CPD5FZSOWRBAZCJLPCNVZ/ _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog () lists nanog org/message/FRWYU5IWBZU3F73ILPW5ABLRDUGOUBG2/
Current thread:
- Re: MD5 is slow, (continued)
- Re: MD5 is slow Matthew Petach via NANOG (Sep 09)
- RE: MD5 is slow Vasilenko Eduard via NANOG (Sep 09)
- Re: MD5 is slow Matthew Petach via NANOG (Sep 10)
- RE: MD5 is slow Vasilenko Eduard via NANOG (Sep 11)
- Re: MD5 is slow Saku Ytti via NANOG (Sep 11)
- Re: MD5 is slow Thomas Bellman via NANOG (Sep 11)
- RE: MD5 is slow Vasilenko Eduard via NANOG (Sep 11)
- RE: MD5 is too fast nanog--- via NANOG (Sep 11)
- Message not available
- Message not available
- Message not available
- RE: MD5 is too fast nanog--- via NANOG (Sep 12)
- Re: MD5 is too fast Jay Acuna via NANOG (Sep 12)
- RE: MD5 is too fast Vasilenko Eduard via NANOG (Sep 14)
- Re: MD5 is too fast Mark Andrews via NANOG (Sep 14)
- RE: MD5 is too fast nanog--- via NANOG (Sep 14)
- RE: MD5 is too fast Riley O via NANOG (Sep 15)
- RE: MD5 is slow Vasilenko Eduard via NANOG (Sep 11)
- Re: MD5 is slow Chris Woodfield via NANOG (Sep 11)
- Re: MD5 is slow Jay Acuna via NANOG (Sep 11)
- RE: MD5 is slow Vasilenko Eduard via NANOG (Sep 08)