Hacker News new | ask | show | jobs
by stavros 872 days ago
Modern KDF algorithms are designed to guard against offline attacks by massively increasing the cost per hash. Online or offline, brute forcing shouldn't be an issue nowadays.

Saying "there's no limit besides your resources" is basically saying "there's no limit besides the very real and insurmountable limit there is".
2 comments
tetha 872 days ago
Yeah, I fell into my usual security questionaire wording there.

I'm not even contradicting you there. You can go as fast as you can go. Even if every atom in the current estimation of the universe had a couple thousand computations available, we couldn't brute-force some passwords. Except, now customer security asks you "but what about millions of computations per atom? Checkmate!".

Being too concrete and absolute with these kinds of people ends up with so many stupid discussions.

link
stavros 872 days ago
> You can go as fast as you can go.

This is true, it's just that, with modern KDFs, that's still too slow to matter (unless someone broke them and we don't know). If you use a modern KDF, you basically don't have to worry about brute forcing at all, even for fairly weak passwords.

link
tetha 872 days ago
I know that. You're missing the second part there.

I have been asked by customers about the reliability of our software platform if major german cities have been hit with either nuclear, natural or military disaster. It's that level of silly you sometimes have to deal with.

Eventually I got fed up enough and told those kinda people that I'm volunteering in disaster prevention services and their systems wouldn't be my problem at that point.

link
stavros 872 days ago
Huh, I didn't know people wanted that level of disaster planning.
link
PrimeMcFly 872 days ago
Guess how many systems are using KDF algorithms in practice?
link
TillE 872 days ago
Probably the vast majority of important systems. PBKDF2 has been around forever and is in very widespread use.
link
stavros 872 days ago
The fact that they aren't implementing the solution doesn't mean that the solution doesn't exist or isn't effective, though.

Plus, nowadays, most (all?) big frameworks have used KDFs by default for years.

link
PrimeMcFly 872 days ago
True. I don't think Windows or Linux do though, right?
link
stavros 872 days ago
Linux uses bcrypt by default, AFAIK. Windows had NTLM last I looked, but I don't know what they have now.
link
zoolily 872 days ago
Ubuntu Linux used to use a SHA2 hash repeated 5000 times, but my Ubuntu 22.04 system uses yescrypt, which is one of those KDFs.
link
PrimeMcFly 872 days ago
nice!
link