[ale] unsalted hashes of 6 million linkedin passwords published on the internet

Michael H. Warfield mhw at WittsEnd.com
Fri Jun 8 12:33:27 EDT 2012 

On Fri, 2012-06-08 at 11:26 -0400, Ron Frazier (ALE) wrote:

> Tell me if this is right.  So being really simplistic about it, say
> every password was "password" and there was no salt.  If I were the
> hacker, I guess "password" hash it, and compare to the information
> that was leaked.  All the hashes match and I'm done.  If all the
> passwords were not "password" but some were, those would match and I'm
> done with them.

Correct.

> Again being simplistic, now, say all passwords are "password" and the
> salts are 0000 - 9999.  I realize that only allows for 10,000 entries
> in the user database.  So, to crack the 1st entry, I guess
> 0000password and hash it and check it.  Then I guess 0001password and
> check it.  And, I do this all the way up to 9999password if I have to.
> At some point, which could be all the way at the end, I hit the match
> for the first entry in the database.  Then, I do the same thing for
> the second entry, then the third entry, and so on until I've tried to
> crack all 10,000 entries with the word "password".  And , in each
> case, I may have had to try 10,000 times to crack each one.  So, to
> crack the whole databases with the word "password" could have taken me
> 10,000 x 10,000 tries, which equals 100,000,000.  And, if the password
> is "aardvark", then I have to do the whole thing again.  So, the whole
> task blows up to an unimaginably large impossible task, even for a
> computer doing a trillion operations / second.  So, the salt
> multiplies the number of crack attempts required for each user account
> record by the number of permutations in the salt.  In my example, the
> size of the salt limited the number of possible user accounts.
> Obviously, in the real world, they wouldn't let that happen.  Is that
> essentially it?

No, this is not correct.

You would take the first hash entry and look at its salt value, say
0300, and combine it with your password guess "password" and hash that
combination.  If that works, great, that's one.  Then you go to the next
hash entry and look at its salt value, say 1531.  You take that and
combine it with your password guess and hash that and compare that hash
value.  And you iterate through the list of hashes till you get to the
end.  Then you start over with a new password guess and repeat the
process over again for the ones you haven't broken.

An alternative method is to take the first hash and extract it's salt
and start trying every password guess you have in your dictionary using
that salt to see if you have a match.  When you get a match (or get to
the end) then you repeat that process with the next hash using its salt.

Either way you do it, you extract the salt that was used originally to
create the hash.  I suspect the former method is much more likely to
yield quicker results because you won't spend as much time on the
impossible to crack hashes and you'll pillage out the easy to crack ones
much much faster.  You would then generally kill the process after a
certain period of time assuming the others were not reasonably
crackable.  I believe John the Ripper works this way.

> Sincerely,

> Ron

Regards,
Mike

> 
> --
> 
> Sent from my Android Acer A500 tablet with bluetooth keyboard and K-9 Mail.
> Please excuse my potential brevity.
> 
> (To whom it may concern.  My email address has changed.  Replying to former
> messages prior to 03/31/12 with my personal address will go to the wrong
> address.  Please send all personal correspondence to the new address.)
> 
> (PS - If you email me and don't get a quick response, you might want to
> call on the phone.  I get about 300 emails per day from alternate energy
> mailing lists and such.  I don't always see new email messages very quickly.)
> 
> Ron Frazier
> 770-205-9422 (O)   Leave a message.
> linuxdude AT techstarship.com
> 
> 

-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20120608/5c828360/attachment.bin

More information about the Ale mailing list