| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by pbhjpbhj 5016 days ago

>"7,000 years divided by 100,000 hashes is 25.55 days." //

This only works if hash reversal costs the same as hash calculation. I think you've made an error.

Brute force in hash terms doesn't mean a "search" it means you take a string, hash it and see if the hash matches. That's the brute part, no grace.

The 7000 years figure is clearly vastly inflated what's needed for passwords in the wild but I'm merely countering the contention that 'md5 is as good as plaintext'.

I note that despite it apparently only taking seconds to reverse my short string that no one has posted the plaintext yet. This doesn't look like it is as easy to read as plaintext.

I'm not at all claiming md5 is good security - just suggesting that the claim that md5 is equivalent to plaintext is hyperbole.

The easy way to show that I'm wrong is to post the plaintext of that hash.

1 comments

problemdomain 5016 days ago

> Brute force in hash terms doesn't mean a "search" it means you take a string, hash it and see if the hash matches.

A) That is a search, and B) I know this. You are still fundamentally misunderstanding the problem domain. We don't care about a hash. We care about 100,000 hashes. You don't need to brute force every single hash from scratch, you simply have to take a string, hash it, and see if that hash is present in the table of 100,000 hashes.

> I note that despite it apparently only taking seconds to reverse

No one claimed that, you inferred it based on a fundamental misunderstanding of the problem domain.

link

pbhjpbhj 5016 days ago

>A) That is a search //

Ha ha. Not really. You're not searching for the plaintext that produces a hash. You're producing hashes irrespective of the result and then matching. IMO the term search would only truly apply if you were reversing the hash mathematically - you'd start with the hash and perform a non-complex operation to find the plaintext.

Instead one searches across hashes after compiling a correspondence table, not across plaintexts. I suppose it's a subtle distinction; largely irrelevant to my contention.

>you inferred it based on a fundamental misunderstanding of the problem domain //

I did not infer it. It was implied. For example,

emidln: "md5 passwords lists are plaintext for modern hardware"

So yes, I suppose adding on a few seconds for plaintext recovery was unfair of me, based on a comment like this I should have said "I note that despite just having to read it back almost as quickly as plaintext ...".

WRT the problem domain. You're discussing an entirely different issue to that which I raised. The start point is simply this:

>"MD5 is an utterly terrible password hash. It's just about as bad as plaintext." //

That is the pertinent problem domain for my comment. I even went to efforts to emphasise that beyond that atomic claim I was recognising the paucity of md5 for real world password hashing - I don't think one can have used Rainbow tables and not realised that point. Are you really contending still that md5 is almost equivalent to plaintext in terms of string discovery and that there is no exaggeration in that.

If the IEEE logs were released with md5 hashed passcodes then other than trivial recognisable cases like 2867-whatever-it-is then one at least has to do work to recover the plaintext.

Aside: I'm intrigued why you created a separate account just to press this position.

link

problemdomain 5016 days ago

The question of password hashing does not concern a password, it concerns passwords. This is a textbook case of being unable to see the forest for the trees. I'm actually astounded by how closely the idiom matches this case.

A simple MD5 hash is "about as bad as plaintext" because the vast majority of passwords will be trivially cracked if it's used, not because any one password will be cracked in a trivial timeframe.

masklinn was speaking against this background. You've created a whole other background that just isn't relevant to the real world issue of password hashing.

> Aside: I'm intrigued why you created a separate account just to press this position.

I created an account so I'd have one to respond to your comment with. The choice of name does not mean it's specific to this discussion, it was simply inspired by it. Again, you focus on an individual detail to the detriment of the big picture.

link

pbhjpbhj 5015 days ago

>Again, you focus on an individual detail to the detriment of the big picture. //

Ostensibly the difference here is that you're looking from the administrative side (it appears) and I'm looking from the user's side.

As for "again". Surely using your regular account makes for a bigger picture as I could see where you're coming from, your general demeanour, your desire to argue incessantly around the point whilst not broaching the point itself, that sort of thing. From your side the choice of name as specific may well be "the big picture" but from anyone else reading the discussion you've removed a lot of out-of-band information that could be pertinent. Which to be honest makes me chuckle as you accuse me, probably rightly in this instance, of narrow focus.

>A simple MD5 hash is "about as bad as plaintext" because the vast majority of passwords will be trivially cracked if it's used //

With plaintext all passwords will be "cracked" in zero time. With MD5 good passwords will be expensive to crack. ROT-13 is about as bad as plaintext. MD5 IMO is better to a point that this claim was exaggeration.

So we'll go straight to the rub - you disagree that there was any exaggeration in that initial statement?

link

problemdomain 5015 days ago

> I'm looking from the user's side

From the user's side, proper password storage practices mean your passwords are far less likely to be compromised.

> Surely using your regular account

Uh, and what "regular account" would that be? You assume much, but know little.

> you disagree that there was any exaggeration in that initial statement?

Yes.

link

pbhjpbhj 5012 days ago

>proper password storage practices mean your passwords are far less likely to be compromised //

Indeed and considering I'm using 20 char mixed passkeys if they're hashed with md5 then they'll take zillions of times longer to reveal than plaintext ... oh wait, no they won't because plaintext is about as bad as plaintext - and you appear to believe that is from any perspective ...

So go on, 3 days must be plenty of time to read something that's about as bad as plaintext at remaining unread.

>You assume much, but know little. //

There is nothing certain, not even this. However pyrhonic absolutism gives sway to pragmatism in general conversation.

So, what, never post on HN, create a new account for each thread, enter comments direct to the db using a morse key ... what? I'd hardly call the assumption that you had an account that you used in the normal way to be massive.

link