Hacker News
by SavantIdiot 1637 days ago
You are correct: if the password used to create the key is trivial, then there definitely exists hardware that can guess AES256 passwords even if a KDF is used weakly.

I'm not sure how to read that table. Is that really the cost for a 100,000 iteration PBKDF2?!?

1 comments

I have not checked 1Password's math--they just come up in the results for "PBKDF2 cost of brute forcing". ;)

But yes, it matches my intuition--brute forcing human-strength keys is surprisingly cheap. (And I don't know if they're taking into account the discount if you have custom ASICs for this, defending against which is the argument made for scrypt instead.)