Archive for the ‘nonce’ Tag

Stronger password hashing – an abstract idea   7 comments

Proper disclosure: I am by no means an expert in cryptography (Math) and the following is just an idea I had after reading the article of how crackers make mince out of our passwords.

The Problem

Password hashes, strong as they may seem today, are becoming weaker every day. When I heard about numbers like 2 billion password hashes per second, I’m rather amazed. Technology has advanced. The thing is, today it may be 2 billion, but sooner than later it’ll be 10, 20, 100, or more. Sooner than we expect. Inspired a bit by the Bitcoin nonces I had this idea, which may or may not be good, I’m not here to judge. As said – I’m not an expert in cryptography.

I feel rather humble after reading that article. I know that cryptography is not engineering, but math. However with my experience in the computers field, it seems like sometimes you need a touch of engineering to adopt things to the real world. I bet in cryptography courses in university no one really teaches you how to implement password crackers using GPUs, or do they?


The problem today with password hashing is that we totally rely on the strength of the hash. With that logic, SHA2048 > SHA1024 > SHA512 > SHA256, you get the point. With GPU technology found today, we can either scale up with our hashing algorithm, or we can simply come with a method that’ll involve “more work”. I want to introduce a method which will help (possibly) to secure the storage of passwords.

Inspired by the Bitcoin proof of work, adding nonces every time to find new hashes, I thought about the following (abstract) algorithm to hash a password:

hash_password(plain_password, hashed_password, cpu_ticks_used)
  if (enough_cpu_ticks_used <= cpu_ticks_used)
    return hashed_password
    return hash_password(
      HASH(hashed_password + plain_password),
      cpu_ticks_used + cpu_ticks_used_for_hashing)

// Run with:
my_password = hash_password(&quot;P4ssw0rd&quot;, &quot;&quot;, A_LARGE_ADJUSTED_NUMBER)

What I'm trying to do here, is basically run a password enough time through a hashing function, until it is satisfactory for us (in terms of CPU/GPU power used nowadays) in terms of work. So as CPU/GPU power is becoming stronger, enough_cpu_ticks_used should increase.

Verifying Passwords

That’s the rather tricky part. As said before it’s just some food for thought. When verifying a password, obviously the exact same has to be done, except that if you have passwords of different strength, different cpu_ticks_used, for verifying you obviously have to invest enough time until you get to the password, which obviously increases the load on machines implementing this scheme.


Probably many!!

Things I can’t answer:

  • Is running SHA/MD5 over and over can weaken the final hash?
  • If the client has to authenticate (calculate the hash), how deep of a hash does he need to calculate?
  • If a stored password is “too weak” for the current day, you cannot rebuild the password, as you need the plain part, what do you do then?
  • No idea, help me list more limitations, or perhaps disproof all of this?

In the end of the day it wouldn’t protect us from the most simple and stupid password breaches, such as dictionary attacks and such, what it does counter is the crackers’ ability to run gazillion of hashes per second on a compromised password database.

I don’t come with all the answers, this is just something I had in the back of my head for a while and wanted to share, feel free to bash me if it is a stupid idea.


Posted July 1, 2013 by malkodan in System Administration

Tagged with , , , , , , ,