This is really good for encrypted content such as a hard drive, password vault or gpg key

  • Possibly linux@lemmy.zipOP
    link
    fedilink
    English
    arrow-up
    4
    ·
    6 months ago

    I also think encryption password security depends heavily on the hash. A hash that’s takes along time to break will be more secure and will require a shorter password to be secure

    • kevincox@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      6 months ago

      Yeah, that is what I meant by “strength of the hash”. Probably should have been more clear. Basically the amount of resources it takes to calculate the hash will have to be spent by the attacker for each guess they make. So if it takes 1s and 100MiB of RAM to decrypt your disk it will take the attacker roughly 1s and 100MiB of RAM for each guess. (Of course CPUs will get faster and RAM will get cheaper, but you can make conservative estimates for how long you need your password to be secure.)

      • Possibly linux@lemmy.zipOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        Keep in mind they will be using GPUs with lots of ram and cores so that 1s will be more like hundreds or thousands a second.

        • kevincox@lemmy.ml
          link
          fedilink
          arrow-up
          2
          ·
          6 months ago

          It depends a lot on the hash functions. Lots of hashes are believed to be difficult to parallelize on GPUs and memory hard hash functions have different scaling properties. But even then you need to assume that an adversary has lots of computing power and a decent amount of time. These can all be estimated then you give yourself a wide margin.