[Cryptography] millions of Ashley Madison bcrypt hashes cracked efficiently
Tony Arcieri
bascule at gmail.com
Fri Sep 11 00:42:25 EDT 2015
tl;dr: they cracked MD5 digests instead. The MD5 version was downcased.
Once recovering the downcased password, they recovered the case sensitive
version by brute forcing all possible case variants against the bcrypt
digests.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150910/d92cdda6/attachment.html>
More information about the cryptography
mailing list