Private Key Generation from Passwords/phrases
Allen
netsecurity at sound-by-design.com
Sun Feb 4 11:31:38 EST 2007
Alexander Klimov wrote:
[snip]
>(Of course, with 60K passwords there is almost for sure at
> least one "password1" or "Steven123" and thus the salts are
> irrelevant.)
>
I'm not sure I understand this statement as I just calculated the
HMAC MD5 for "password1" using a salt of 7D00 (32,000 decimal)
and got the result of 187de1db3348592a3595905a66cae418. Then I
calculated the MD5 with a salt of 61A8 (25,000 decimal) and got a
result of 9cad6ac9f5555d6c09fd8e99e478381f.
Are you saying that the salt is irrelevant because a dictionary
attack is fast and common dictionary words would allow an easy
attack?
Thanks,
Allen
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list