by SV_BubbleTime 1271 days ago
Can someone explain to me why the number of PBKDF rounds actually matters?

When they are saying 100,000 rounds, they mean 100,000 rounds WITH the key, right?

If you wanted to brute force this password, and there are no vulnerabilities in the hashing algo, then you need to try aaaa with 100,000 runs, and aaab with another 100,000 runs, right? So if you use a long random key, it wouldn't matter if it was 1 cycle or 1 billion effectively, right?

Or am I missing something? I'm assuming there is a hash table exploit for PBKDF2 and that the number of rounds really does matter?
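
The cost argument in the question above, worked through as an added example (not part of the original comment): every guess costs one full PBKDF2 run, so the round count multiplies the work per candidate, which is the same as adding log2(rounds) bits to the search. The salt, the helper names `work_bits`, `exhaust` and `report`, and the two-letter test space are constructed for illustration.

```python
import hashlib
import itertools
import math

SALT = b"constructed-salt"            # constructed sample value
ALPHABET = "abcdefghijklmnopqrstuvwxyz"

def derive(password: bytes, iterations: int) -> bytes:
    """One guess = one full PBKDF2-HMAC-SHA256 run over the candidate."""
    return hashlib.pbkdf2_hmac("sha256", password, SALT, iterations)

def work_bits(secret_bits: float, iterations: int) -> float:
    """log2 of the HMAC iterations needed to exhaust the whole secret space."""
    return secret_bits + math.log2(iterations)

def exhaust(target: bytes, iterations: int, alphabet: str, length: int):
    """Search a tiny constructed space; returns (match, guesses, hmac_iterations)."""
    guesses = 0
    for combo in itertools.product(alphabet, repeat=length):
        guesses += 1
        candidate = "".join(combo).encode()
        if derive(candidate, iterations) == target:
            return candidate, guesses, guesses * iterations
    return None, guesses, guesses * iterations

def report():
    """Work factor for a weak password and a random key, at 1 and 100,000 rounds."""
    secrets = [("4 lowercase letters", 4 * math.log2(26)),
               ("random 128-bit key", 128.0)]
    return [(label, iters, round(work_bits(bits, iters), 1))
            for label, bits in secrets
            for iters in (1, 100_000)]

if __name__ == "__main__":
    for label, iters, bits in report():
        print(f"{label:20} rounds={iters:>7}  ~2^{bits} HMAC iterations")
    # Measured on a 26^2 space: work grows linearly with the round count.
    for iters in (1, 1000):
        print(iters, exhaust(derive(b"zz", iters), iters, ALPHABET, 2))
```

For the four-letter password the 100,000 rounds lift the search from about 2^18.8 to about 2^35.4 iterations, while for the 128-bit key the same 16.6 bits are added to a space that is already out of reach.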