Your numbers show that SRP-SHA1 is about 50000 times better than salted SHA1. Not great, better than nothing (at least for those of us without dictionary-targetable passwords).
I've been continuing to work on this through the night. Initial benchmarking on EC2 show you can test SRP passwords at a rate of ~180k / sec on c1.xlarge, at $0.66/hr per instance.
Particularly with Blizzards strange 'case-insensitive alphanumeric only' policy, anything less than truly random 8+ character passwords are within reach.
For 90% of their users, this spells trouble. If you've seen John the Ripper, you know 'dictionary-targetable' is an increasingly ambiguous term.
My main point is that Blizzard is coming out and saying in their press release: "We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password"
And in their FAQ: "Cryptographically scrambled versions of passwords for North American players were accessed, protected by Secure Remote Password (SRP) protocol.... The added layer of protection from SRP makes that process computationally very difficult and expensive."
When what they SHOULD be saying is, "we used industry standard best practices, but even so the majority of the passwords have most likely already been cracked. Please make sure you change them immediately."
It would be nice if I could still tweak the title at this point.
As a point of comparison, it looks like you can get 650 million/s on a cg1.4xlarge instance [1] (Amazon's GPU computing instance with 2x Tesla Fermi M2050 GPUs), and it looks like they cost $2.10/hour per instance. So some quick math does show that cracking SRP is only about 572 times slower, if we normalize for cost of the instances on EC2.
Particularly with Blizzards strange 'case-insensitive alphanumeric only' policy, anything less than truly random 8+ character passwords are within reach.
For 90% of their users, this spells trouble. If you've seen John the Ripper, you know 'dictionary-targetable' is an increasingly ambiguous term.
My main point is that Blizzard is coming out and saying in their press release: "We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password"
And in their FAQ: "Cryptographically scrambled versions of passwords for North American players were accessed, protected by Secure Remote Password (SRP) protocol.... The added layer of protection from SRP makes that process computationally very difficult and expensive."
When what they SHOULD be saying is, "we used industry standard best practices, but even so the majority of the passwords have most likely already been cracked. Please make sure you change them immediately."
It would be nice if I could still tweak the title at this point.