414
you are viewing a single comment's thread
view the rest of the comments
[-] confusedbytheBasics@lemmy.world 4 points 1 year ago* (last edited 1 year ago)

Edited to remove untrue information. Thanks for the corrections everyone.

[-] Primarily0617@kbin.social 13 points 1 year ago* (last edited 1 year ago)

Incorrect.

They're designed to be resource intensive to calculate to make them harder to brute force, and impossible to reverse.

Some literally have a parameter which acts as a sliding scale for how difficult they are to calculate, so that you can increase security as hardware power advances.

[-] confusedbytheBasics@lemmy.world 1 points 1 year ago

I was incorrect but I still disagree with you. The hashing function is not designed to be resource intensive but to have a controlled cost. Key stretching by adding rounds repeats the controlled cost to make computing the final hash more expensive but the message length passed to the function isn't really an issue. After the first round it doesn't matter if the message length was 10, 128, or 1024 bytes because each round after is only getting exactly the number of bytes the one way hash outputs.

[-] Primarily0617@kbin.social 2 points 1 year ago

It depends on the hash. E.g., OWASP only recommends 2 iterations of Argon2id as a minimum.

Yes, a hashing function is designed to be resource intensive, since that's what makes it hard to brute force. No, a hashing function isn't designed to be infinitely expensive, because that would be insane. Yes, it's still a bad thing to provide somebody with a force multiplier like that if they want to run a denial-of-service.

[-] confusedbytheBasics@lemmy.world 1 points 1 year ago

I'm a bit behind on password specific hashing techniques. Thanks for the education.

My background more in general purpose one way hashing functions where we want to be able to calculate hashes quickly, without collisions, and using a consistent amount of resources.

If the goal is to be resource intensive why don't modern hashing functions designed to use more resources? What's the technical problem keeping Argon2 from being designed to eat even more cycles?

[-] Primarily0617@kbin.social 1 points 1 year ago* (last edited 1 year ago)

Argon2 has parameters that allow you to specify the execution time, the memory required, and the degree of parallelism.

But at a certain point you get diminishing returns and you're just wasting resources. It seems like a similar question to why not just use massive encryption keys.

[-] adambowles@lemmy.world 7 points 1 year ago

Hashes are one way functions. You can’t get from hash back to input

[-] taipan_snake@lemmy.world 5 points 1 year ago

Only if the hash function is designed well

[-] confusedbytheBasics@lemmy.world 2 points 1 year ago

True. I was all kinds of incorrect in my hasty typing. I'll update it to be less wrong.

[-] lotanis@discuss.tchncs.de 5 points 1 year ago

See "Password Hashing" here: https://en.m.wikipedia.org/wiki/Key_derivation_function

It is actually important to have a controlled cost to calculate in the forward direction too.

[-] confusedbytheBasics@lemmy.world 1 points 1 year ago

Totally true. I stand corrected. Thank you.

[-] andrew@lemmy.stuart.fun 3 points 1 year ago

Not true. Password hashing algorithms should be resource intensive enough to prevent brute force calculation from being a viable route. This is why bcrypt stores a salt, a hash, and the current number of rounds. That number of rounds should increase as CPUs get faster to prevent older hashes from existing in the wild which can be more effectively broken by newer CPUs.

[-] confusedbytheBasics@lemmy.world 2 points 1 year ago

I was incorrect about the goal being minimal resources. I should have written that that goal was to have controlled resource usage. The salt does not increase the expense of the the hash function. Key stretching techniques like adding rounds increase the expense to reach the final hash output but does not increase the expense of the hash function. High password length allowances of several thousand characters should not lead to a denial of service attack but they don't materially increase security after a certain length either.

[-] andrew@lemmy.stuart.fun 2 points 1 year ago

I'm arguing semantics here but bcrypt is the hashing function. Per the Wikipedia article on bcrypt:

bcrypt is a password-hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher and presented at USENIX in 1999.

Blowfish being a symmetric encryption cipher, not a hashing function.

Agreed on the rest, though. The hashing cost of a long password would not lead to DOS any more than the bandwidth of accepting that password etc. It's not the bottleneck. But also no extra security beyond a point, so might as well not bother when passwords are too long.

[-] confusedbytheBasics@lemmy.world 2 points 1 year ago

Semantics aside it sounds like we are in agreement. Have another upvote. :)

Why does upvoting feel better without a karma system? shrug

this post was submitted on 25 Jul 2023
414 points (91.6% liked)

Mildly Infuriating

35398 readers
1608 users here now

Home to all things "Mildly Infuriating" Not infuriating, not enraging. Mildly Infuriating. All posts should reflect that.

I want my day mildly ruined, not completely ruined. Please remember to refrain from reposting old content. If you post a post from reddit it is good practice to include a link and credit the OP. I'm not about stealing content!

It's just good to get something in this website for casual viewing whilst refreshing original content is added overtime.


Rules:

1. Be Respectful


Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.

Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.

...


2. No Illegal Content


Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.

That means: -No promoting violence/threats against any individuals

-No CSA content or Revenge Porn

-No sharing private/personal information (Doxxing)

...


3. No Spam


Posting the same post, no matter the intent is against the rules.

-If you have posted content, please refrain from re-posting said content within this community.

-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.

-No posting Scams/Advertisements/Phishing Links/IP Grabbers

-No Bots, Bots will be banned from the community.

...


4. No Porn/ExplicitContent


-Do not post explicit content. Lemmy.World is not the instance for NSFW content.

-Do not post Gore or Shock Content.

...


5. No Enciting Harassment,Brigading, Doxxing or Witch Hunts


-Do not Brigade other Communities

-No calls to action against other communities/users within Lemmy or outside of Lemmy.

-No Witch Hunts against users/communities.

-No content that harasses members within or outside of the community.

...


6. NSFW should be behind NSFW tags.


-Content that is NSFW should be behind NSFW tags.

-Content that might be distressing should be kept behind NSFW tags.

...


7. Content should match the theme of this community.


-Content should be Mildly infuriating.

-At this time we permit content that is infuriating until an infuriating community is made available.

...


8. Reposting of Reddit content is permitted, try to credit the OC.


-Please consider crediting the OC when reposting content. A name of the user or a link to the original post is sufficient.

...

...


Also check out:

Partnered Communities:

1.Lemmy Review

2.Lemmy Be Wholesome

3.Lemmy Shitpost

4.No Stupid Questions

5.You Should Know

6.Credible Defense


Reach out to LillianVS for inclusion on the sidebar.

All communities included on the sidebar are to be made in compliance with the instance rules.

founded 1 year ago
MODERATORS