WebApp Sec mailing list archives

RE: Securing encrypted data in RAM vs MSSQL


From: Bénoni MARTIN <Benoni.MARTIN () libertis ga>
Date: Thu, 1 Jul 2004 18:43:30 +0100

Yep sure, it should harden the security of the hashes... depending on what kind of salt as well! :) But in that case some tools have also improved and have heuristic techniques to go quicker.

The time needed depends on the software you are using! IBM Watson's Lab. or the NSA Labs should do this quicker than my laptop! :)


-----Original Message-----
From: Dean Saxe [mailto:Dean.Saxe () DigitalInsight com]
Sent: Thursday, July 1, 2004 18:35
To: Bénoni MARTIN; Toro, Daniel; Stan Guzik; Dave Andrews; webappsec () securityfocus com; forensics () securityfocus com
Subject: RE: Securing encrypted data in RAM vs MSSQL

Shouldn't a salt value added to the plaintext before hashing effectively make this kind of a dictionary attack much 
more difficult, if not impossible, to perform since you would have to recover the salt and plaintext?

-dhs

-----Original Message-----
From: Bénoni MARTIN [mailto:Benoni.MARTIN () libertis ga]
Sent: Thursday, July 01, 2004 1:19 PM
To: Toro, Daniel; Stan Guzik; Dave Andrews; webappsec () securityfocus com; forensics () securityfocus com
Subject: RE: Securing encrypted data in RAM vs MSSQL


Well, there is always a way to recover the real password or login from a hash... the matter is the time it will take!


The method to "dehash" a hash is quite simple: as theoretically a hash_1 can be produced by a single pass_1/login_1/..., we can create a huge amount of random pass_2/logins_2/..., hash them with MD5/SHA-1/... and then compare each of them with our hash_1. As soon as the two hashes are the same, we can pick up the pass/login/... which produced hash_2. Quite simple but really long to perform.

BTW, Cain & Abel, John the Ripper and Crack can perform such recoveries...
:)
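
The salt question raised in this thread, as an added example that is not part of the original messages: a password-store audit comparing unsalted MD5 with per-account salted MD5 on constructed data. The wordlist, account names and function names are assumptions made for the illustration, and "work" counts hash computations.

```python
import hashlib
import os

# Constructed sample data: a tiny wordlist and three accounts, two sharing a password.
WORDLIST = ["letmein", "password", "qwerty", "summer2004"]
ACCOUNTS = {"alice": "summer2004", "bob": "summer2004", "carol": "qwerty"}

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def store_unsalted(accounts):
    """Store plain MD5(password): equal passwords give equal hashes."""
    return {u: md5_hex(p.encode()) for u, p in accounts.items()}

def store_salted(accounts):
    """Store (salt, MD5(salt + password)) with a random 16-byte salt per account."""
    db = {}
    for user, password in accounts.items():
        salt = os.urandom(16)
        db[user] = (salt, md5_hex(salt + password.encode()))
    return db

def audit_unsalted(db, wordlist):
    """One table, hashed once, is matched against every stored hash."""
    table = {md5_hex(w.encode()) for w in wordlist}
    work = len(wordlist)
    weak = {user for user, h in db.items() if h in table}
    return weak, work

def audit_salted(db, wordlist):
    """The salt is stored, so guessing still works, but must restart per account."""
    weak, work = set(), 0
    for user, (salt, h) in db.items():
        for w in wordlist:
            work += 1
            if md5_hex(salt + w.encode()) == h:
                weak.add(user)
                break
    return weak, work

if __name__ == "__main__":
    plain, salted = store_unsalted(ACCOUNTS), store_salted(ACCOUNTS)
    print("unsalted duplicates visible:", plain["alice"] == plain["bob"])
    print("salted duplicates visible:  ", salted["alice"][1] == salted["bob"][1])
    print("unsalted audit:", audit_unsalted(plain, WORDLIST))
    print("salted audit:  ", audit_salted(salted, WORDLIST))
```

The salt hides duplicate passwords and makes the work scale with the number of accounts, but a weak password is still found once the salt is known; a deliberately slow function such as hashlib.pbkdf2_hmac multiplies the cost of each unit of work.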


