[Cryptography] Possible reason why password usage rules are such a mess

Phillip Hallam-Baker phill at hallambaker.com
Thu Nov 19 05:46:30 EST 2020


On Wed, Nov 18, 2020 at 12:04 PM Kent Borg <kentborg at borg.org> wrote:

> On 11/17/20 1:09 PM, Phillip Hallam-Baker wrote:
>
>> Some of the password stupidity we suffer from today comes from the two
>> weeks after the release of Crack. At the time, UNIX password files were
>> world readable by default and anyone suggesting shadow password files was
>> the way to go was attacked for 'security through security'. Crack upped the
>> ante because it could make 6? 60? attempts a second and so a moderate sized
>> cluster of SPARCstations could test every password in a million entry
>> dictionary in a weekend.
>
> But readable password hashes have gone away. Passwords are only readable
> on systems that are already quite broken. (Any old Unix systems still
> running are quite broken.) To set password policy based on this case is all
> wrong.
>
Password cracking doesn't use dictionaries any more... brute force is
practical.

Sure, nobody leaves the front door open on the password file any more. But
breaches occur regularly and the password files leak...

> Battery Horse Staple Correct is 2^60 bits of work factor. That is not
> strong enough.
>
> If the target system has already been broken into, correct. But if one has
> to brute force through a login program? 2^60 is more than plenty!
>
> If I have done my math correctly, to be certain of breaking in in
> 100-years, one would have to get the login to test passwords for you at
> over a 6 MHz rate that entire time. Appropriately faster to get in
> appropriately sooner.
>
Retired bitcoin mining rigs... 600 billion a second. 0.6 THz... That system
is six years old now.

> This gets me to an oft ignored point: passwords (something that has to be
> tested against some authority) are completely different from encryption
> passphrases (which, given ciphertext, can be tested in parallel and at
> arbitrary speeds).
>
No they aren't. Not in practice because the user has absolutely no control
over how the password authentication data is going to be stored.
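The rates traded back and forth above are easy to check. This Python snippet is an added example, not code from either poster; the 10 guesses/s online limit and the one-million-fast-hash KDF cost are assumed illustrative values, while the 2^60 work factor and the 600 billion guesses/s figure come from the thread.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def passphrase_bits(words: int, dictionary_size: int) -> float:
    """Entropy of a passphrase of `words` words drawn uniformly from a list."""
    return words * math.log2(dictionary_size)


def rate_to_exhaust(bits: float, years: float) -> float:
    """Guesses per second needed to try every candidate within `years`."""
    return 2.0 ** bits / (years * SECONDS_PER_YEAR)


def years_to_exhaust(bits: float, guesses_per_second: float,
                     cost_factor: float = 1.0) -> float:
    """Years to try every candidate at a given raw hashing rate.

    cost_factor is how many fast-hash evaluations one password check costs:
    1.0 models a single fast hash, larger values model a slow or memory-hard
    KDF, a choice made by whoever stores the verifier, not by the user.
    """
    effective_rate = guesses_per_second / cost_factor
    return 2.0 ** bits / effective_rate / SECONDS_PER_YEAR


def scenarios(bits: float = 60.0) -> dict:
    """Years to exhaust a `bits`-bit space in the cases raised in the thread."""
    return {
        # Online case: every guess goes through a login program.
        # 10 guesses/s is a constructed, generous rate-limit figure.
        "online_10_per_s": years_to_exhaust(bits, 10.0),
        # Offline case: leaked verifier file, retired mining hardware,
        # 600 billion fast hashes per second (figure from the thread).
        "offline_6e11_fast_hash": years_to_exhaust(bits, 6e11),
        # Same hardware, but each check costs as much as one million fast
        # hashes because the operator chose a slow KDF (assumed value).
        "offline_6e11_slow_kdf": years_to_exhaust(bits, 6e11, cost_factor=1e6),
    }


if __name__ == "__main__":
    # A 4-word passphrase from a 2^15-word list is exactly 2^60 (constructed).
    bits = passphrase_bits(4, 32768)
    print(f"rate to exhaust 2^{bits:.0f} in 100 years: "
          f"{rate_to_exhaust(bits, 100.0):.3e} guesses/s")
    for name, years in scenarios(bits).items():
        print(f"{name:>24}: {years:.3e} years")
```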