Linked by Thom Holwerda on Mon 4th Jul 2011 21:43 UTC
Apple So, Anonymous, under the guise of its AntiSec campaign, has hacked an Apple server, got access to 27 administrator usernames and passwords, and put them on Pastebin. Is it time to panic? Is it time to point and laugh at Apple? Is it time to stop using iTunes? Not really - this is a small hack that will cause little to no damage.
Thread beginning with comment 479596
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: SHA1 hashed
by Soulbender on Tue 5th Jul 2011 15:53 UTC in reply to "RE: SHA1 hashed"
Soulbender
Member since:
2005-08-18

However even salting alone is insecure since building the reverse index is feasible using free software.


Actually, no. A sufficiently long salt (say at least 48 bits) makes pre-computed attacks unfeasible.
Of course, combining salting with key-stretching (as in bcrypt) makes it even more unfeasible.

Reply Parent Score: 2

RE[3]: SHA1 hashed
by Alfman on Tue 5th Jul 2011 19:21 in reply to "RE[2]: SHA1 hashed"
Alfman Member since:
2011-01-28

Soulbender,

"Actually, no. A sufficiently long salt (say at least 48 bits) makes pre-computed attacks unfeasible.
Of course, combining salting with key-stretching (as in bcrypt) makes it even more unfeasible."

This is not strictly true. You seem to be assuming that the salt is secret, however in a scenario where an attacker gets in through a web application vulnerability, the attacker will have access to the salt and will be able to build the reverse hash indexes based on it.

Consider the practical differences to the attacker who's building a reverse index.

foreach password {
insert hash->password where hash=H(password)
insert hash->password where hash=H(salt+password)
}

Salting alone does not create the computational complexity required to foil a permutation attack. In fact it's doubtful even to increase the complexity by a factor of 2.

What is needed is a way to increase forward hashing complexity such that building an index becomes prohibitively expensive and time consuming.

As I mentioned earlier, applying hash algorithms recursively is an effective way to do this. There are many possible variants of this idea, here are the two most obvious:

H(H(H(H(salt+password))))
H(salt+H(salt+H(salt+H(salt+password))))

Reply Parent Score: 2

RE[4]: SHA1 hashed
by Soulbender on Tue 5th Jul 2011 20:22 in reply to "RE[3]: SHA1 hashed"
Soulbender Member since:
2005-08-18

Salting alone does not create the computational complexity required to foil a permutation attack. In fact it's doubtful even to increase the complexity by a factor of 2.


You're disagreeing with what most cryptographers say.

What is needed is a way to increase forward hashing complexity such that building an index becomes prohibitively expensive and time consuming.


Look at bcrypt. it does what I presume you're after.

Reply Parent Score: 2