| 1 |
On Fri, 2020-05-22 at 01:09 +1200, Kent Fredric wrote: |
| 2 |
> On Thu, 21 May 2020 14:25:00 +0200 |
| 3 |
> Ulrich Mueller <ulm@g.o> wrote: |
| 4 |
> |
| 5 |
> > That's why I said salted hash. |
| 6 |
> |
| 7 |
> Even a salted hash becomes a trivial joke when the input data you're |
| 8 |
> hashing has a *total* entropy of only 32bits. |
| 9 |
> |
| 10 |
|
| 11 |
If anyone cares about the numbers, I've been able to crack my own IP |
| 12 |
address (85.*) in 10 minutes using john with trivial IP address wordlist |
| 13 |
generator and plain SHA-512 hash. I suppose you could assume that |
| 14 |
having salted hashes would mean up to 30 minutes per IP address but |
| 15 |
that's still not much. I suppose you could use Argon2 or some other |
| 16 |
crazy hash but... where is this going, really? |
| 17 |
|
| 18 |
-- |
| 19 |
Best regards, |
| 20 |
Michał Górny |
Archives