|
|
|
|
|
|
by gruez
599 days ago
|
|
|
>I forgot the name and what the data was used to protect/derive: maybe some authentication scheme? It's a variant of salted passwords, where the "salt" is a huge file that sits on a server somewhere. To validate any given password, it only requires accessing a few bytes that are deterministically but randomly determined. This isn't a problem when validating passwords, but if you're an attacker trying to exfiltrate the file (so you can run offline bruteforce attacks on it), the huge file becomes prohibitively expensive to exfiltrate. |
|
|