Password Hashes, Again

Daniel Berlin dberlin at
Mon Apr 16 12:01:50 UTC 2012

On Mon, Apr 16, 2012 at 7:38 AM, Vlad Dascalu <vladd at> wrote:
>> I don't think that's true. At least not without knowing the salt first.
> If he got access to the DB the assumption is that he knows the code
> for the salt (i.e. constant value or first two letters of the password
> being tried).
>> Surely salting means you can only attack one password at once, whereas not salting means you can attack them all in parallel?
> Salting has nothing to do with GPU parallelism. bcrypt fails on GPUs
> because it requires a long memory area which exceeds the addressable
> cache of the GPU units (see this answer:
> ).

Of course, this will change as the effects/etc. GPUs are used for become
ever more complex.
I wouldn't expect this particular limitation to last for very long.
It was only a short time ago that GPUs basically had *no* local RAM.
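
The salting question raised in the quoted exchange can be made concrete by counting hash evaluations. The following is an added example, not part of the original message or of any project's code: SHA-256 stands in for the unspecified hash, and the user names, passwords and candidate list are constructed sample data. The salts are treated as known, as they would be after a database read.

```python
import hashlib
import os

def h(password: str, salt: bytes = b"") -> bytes:
    """One hash evaluation. SHA-256 is a stand-in (assumption), not a recommended password hash."""
    return hashlib.sha256(salt + password.encode()).digest()

def work_unsalted(stored, candidates):
    """stored: {user: digest}. One evaluation per candidate covers every record at once."""
    by_digest = {}
    for user, digest in stored.items():
        by_digest.setdefault(digest, []).append(user)
    evaluations, matched = 0, set()
    for cand in candidates:
        evaluations += 1
        matched.update(by_digest.get(h(cand), []))
    return evaluations, matched

def work_salted(stored, candidates):
    """stored: {user: (salt, digest)}. The salt is known, but each record still needs its own evaluation."""
    evaluations, matched = 0, set()
    for user, (salt, digest) in stored.items():
        for cand in candidates:  # full sweep, so the count is users x candidates
            evaluations += 1
            if h(cand, salt) == digest:
                matched.add(user)
    return evaluations, matched

def demo():
    # Constructed sample data: two users share a weak password, one has a strong one.
    passwords = {"alice": "sunshine", "bob": "sunshine", "carol": "x9!Kq2#vLp"}
    candidates = ["123456", "password", "sunshine", "letmein"]
    unsalted = {u: h(p) for u, p in passwords.items()}
    salted = {}
    for u, p in passwords.items():
        salt = os.urandom(16)  # per-user random salt, stored next to the digest
        salted[u] = (salt, h(p, salt))
    return work_unsalted(unsalted, candidates), work_salted(salted, candidates), unsalted, salted

if __name__ == "__main__":
    (u_evals, u_hit), (s_evals, s_hit), unsalted, salted = demo()
    print("unsalted:", u_evals, "evaluations, matched", sorted(u_hit))
    print("salted:  ", s_evals, "evaluations, matched", sorted(s_hit))
    print("identical unsalted digests for alice/bob:", unsalted["alice"] == unsalted["bob"])
```

Per-user salts multiply the work by the number of records and hide which users share a password; they do not make any single evaluation slower, which is what a deliberately expensive function such as bcrypt is for.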
