Hacker News new | ask | show | jobs
by mrb 4708 days ago
"The encryption password is "Salted" and based on SHA-512, to avoid brute-force attacks. It takes a lot of technical means to find the word password clearly"

"clearly?" OVH is wrong. Based on this information alone, it is not sufficient to say how costly it is to recover the password. SHA-512 needs to be iterated to make it costly to brute force.

For example, a raw SHA-512 hash, even salted, is not iterated and is easy to brute force. But multiple passes, as in crypt-SHA-512, are iterated and very costly to brute force.
3 comments
huhtenberg 4708 days ago
It's an ESL issue. He meant to say "in clear" as in "plaintext" rather than "clearly", clearly.
link
deweerdt 4707 days ago
Definitely: the french for plaintext would be "en clair"
link
lmkg 4708 days ago
I think you may be reacting to a mis-parse. The sentence is awkwardly phrased either way, but "clearly" could mean "it is clear that it takes a lot of technical means," or it could mean "to find a clear version (i.e. plaintext) of the password."
link
jlgaddis 4708 days ago
If one's password is "password", the choice of hash algorithms and salts is irrelevant anyway.
link
yeukhon 4707 days ago
Yes and no. If you salted a plaintext using any hash algorithm, the biggest advantage is on the population, not an individual password; so yes, it is irrelevant for any single password. If you have comprised a database, and you are interested in a single user, then you can easily recompute months. But if you are interested in compromising a large user population, because you want to find the weakest (like find all the users using 'password' or '123456'), then you have a hard time because with salt you cannot find occurrence. People think salt saves everything, that is not true. It only adds hardness to secure a population, not an individual password (because the salt is appended and stored!). Now when it comes to iteration, sure, adaptive hashes like bcrypt or scrypt can make computation longer. That's all. Using sha512 is still wrong: it's a hash designed for fast hashing, not for securing password. bcrypt is slowly broken. Slowly because workfactor is exponential.
link