Linked by Thom Holwerda on Wed 6th Jun 2012 22:30 UTC
Privacy, Security, Encryption Bad day for LinkedIn: not only did 6 million of their passwords get stolen and published online (as SHA1 hashes, but still), their iOS and Android applications uploaded your calendars to LinkedIn (after opting in, though). The Sensationalist Headline of the Day Award goes to Ars Technica. I guess everyone's starting to feel the sting of The Verge's fully deserved success.
Thread beginning with comment 521140
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Regarding password storage
by vaette on Thu 7th Jun 2012 07:36 UTC in reply to "Regarding password storage"
vaette
Member since:
2008-08-09

Salted password hashes is increasingly irrelevant these days though. The only point of rainbow tables is to save the time of calculating each hash. These days though, an off the shelf PC gpu can compute on the level of 2.3 billion SHA1 hashes per second. Doing a rainbow table for a new salt is no longer in any way prohibitive. See for example http://www.golubev.com/hashgpu.htm

Edited 2012-06-07 07:36 UTC

Reply Parent Score: 4

Nelson Member since:
2005-11-29

You'd have to have a rainbow table for each salt+hash combination, which is different per user. The problem gets exponentially harder with more users. Its a space issue.

Reply Parent Score: 3

vaette Member since:
2008-08-09

What I am saying is that using rainbow tables today is not really necessary, since enumerating the hashes on the fly on GPU is so cheap that keeping the table is not an all that huge optimization. 2.8 billion hashes per second means that you run through 56 gigabytes worth of potential hashes per second, and that's on a single cheaply available 5970 GPU. Storage is not an issue since you will just hash, check for a match, and then immediately discard it if unsuccessful.

Rainbow tables would of course help in that there are so many users in the LinkedIn dump, but it is still fairly easily within reach for an enterprising hacker to brute-force through a ton of them one by one. On smaller systems the salt is basically irrelevant, the GPU will go through the possibilities so fast that it is not worth the trouble to look at a table. This also means that anyone looking at a password dump can select some especially interesting user accounts and spend more resources on those, brute-forcing them more deeply than was ever practical with a rainbow table (which were always, of course, only good for short or simple passwords).

The accounts in the LinkedIn dump should be considered compromised with or without salt. Adding salt costs nothing, but it hardly makes a practical difference in the attitude you can take towards the crack.

Edited 2012-06-07 11:56 UTC

Reply Parent Score: 4