Password Hashes, Again

Daniel Berlin dberlin at dberlin.org
Mon Apr 16 12:01:50 UTC 2012


On Mon, Apr 16, 2012 at 7:38 AM, Vlad Dascalu <vladd at bugzilla.org> wrote:
>> I don't think that's true. At least not without knowing the salt first.
>
> If he got access to the DB the assumption is that he knows the code
> for the salt (i.e. constant value or first two letters of the password
> being tried).
>
>> Surely salting means you can only attack one password at once, whereas not salting means you can attack them all in parallel?
>
> Salting has nothing to do with GPU parallelism. bcrypt fails on GPUs
> because it requires a long memory area which exceeds the addressable
> cache of the GPU units  (see this answer:
> http://crypto.stackexchange.com/questions/400/why-cant-one-implement-bcrypt-in-cuda
> ).

Of course, this will change as effects/etc GPU's are used for become
ever more complex.
I wouldn't expect this particular limitation to last for very long.
It was only a short time ago that GPU's basically had *no* local ram.



More information about the developers mailing list