You're adorable candyjapan. I want to bounce you on my knee. When you eventually run a biz that doesn't just generate millions in revenue but is massively profitable, give me a shout and let me know if you still feel this way.
Imagine you have a biz that prints money. You literally have dump trucks that roll up to your gate every morning and unload, and amazingly you get to keep about half of it.
It's rare to create a business like that and if word gets out you'll have competitors swarming all over you driving down your margins until you're blowing every last cent trying to out market them and all that profitability will go away.
So you learn to STFU. Because people will steal your idea.
In the Valley among startups almost no-one is profitable and so it's all about sharing the love and lots of hugs because no one has anything to defend.
Two ways businesses print money: either be unique and capitalize on tiny amounts of large margins or be popular to capitalize on lots of tiny margins.
If it's popular and is profitable people will copy it. It's not that hard to reverse engineer products, most people just don't bother or try. Give me any CPG brand on the supermarket shelf right now and I can show you the supply chain and equipment needed to manufacture and deliver it.
Everything new gets commoditized eventually, especially considering it's all made in China anyways, and trickles through the global markets at various pacing.
That varying speed is the only competitive advantage one has. Your only job is to stay ahead of the game then when the game is boring sell that information to others to replicate. AKA franchising.
Then you keep spinning and spinning until 30 years later you can stand to wait around while others jump into a new market, burn out, and just take whatever you want out of that situation to come up with a new product and utilize your large economies of scale to immediately sell it in your extended network of retail stores that's making more per square foot than Tiffany's.
But I do agree with the second part. Silicon Valley is just a giant R&D college campus built off other people's money experimenting on each other's childlike sensibilities.
I agree entirely with that, and find myself confused why you tell me that.
Obviously you think my post is a personal attack, yet I do not understand why.
Unless you care to hear them, I'll spare you the details, but I assure you I only intended to point something out that the person dearly needs to hear, in the hopes that it might lead them to introspection; not to attack them.
You can interpret "gets away with" as "makes better business sense". On a slight tangent - in the infosec space those with closed source products (e.g. WAFs) laugh at those with open source products when it comes to the numbers of embarrassing and business-damaging zero-days reported.
Closed source rocks if you're a capitalist. Those who sell closed source love that open sourcers are so distracted by singing it from the mountain.
~From a guy who runs a not-that-small open source biz.
> in the infosec space those with closed source products (e.g. WAFs) laugh at those with open source products when it comes to the numbers of embarrassing and business-damaging zero-days reported.
Because no one reports theirs? It's not a good reason to laugh if you think of it.
> in the infosec space those with closed source products (e.g. WAFs) laugh at those with open source products
I would imagine open source has more reported zero days because, well, the source is open and auditable.
I do see a lot more closed source in the info/app sec space, but I suppose if you know that space well enough, the source code is just a bonus to seeing how the program works, not a requirement.
Well, to decrypt the xor'd data you need to keep the key around. So either you a) memorize the entire one-time pad for every file, or b) you encrypt the one-time pads with AES.
The whole idea of salts is to prevent rainbow table attacks i.e. you can't use precomputed hashes.
In this case you'd need to precompute a SHA256 of a dictionary of scrypt hashes which would have been computed from a dictionary of English words.
In practical terms, if you steal the DB and wanted to reverse passwords, you'd need to scrypt let's say 100 million words, then SHA256 them, then compare them to what's in the DB.
The original blog entry argues (or maybe it was the post on the same site that linked to) that we should use more compute intensive hashing algorithms, rather than relying on salts. scrypt is definitely more compute intensive.
So if you didn't use a salt and wanted to throw a 100M word dict at this, how long would that take on decent hardware to create the rainbow table of 100M words which could be used repeatedly against stolen dictionaries? On a decent GPU you can do around 1.2 billion SHA256 hashes per second. So the SHA256 step is trivial.
So you could create your rainbow table to attack the non-salted version of this in around 25 seconds.
A salted version of this same system would need the scrypt to be salted because SHA256 is so fast. If you just salted the SHA256 you'd be able to use a precomputed scrypt rainbow table and then you only have to compute the salted SHA256s which as you can tell from my benchmark above is very fast.
So clearly the salt is needed and you need to compute scrypt(salt + password) -->> send to server and then SHA256(scryptHash). Note that you don't need to add the salt on the SHA256 side because you've already defeated a rainbow table attack by your initial salting.
So how fast could you attack a salted system like this using GPUs for your SHA256 and ASICs for your scrypt based on the benchmarks above?
You can pretty much ignore the SHA256 step because it's so fast, so you'd get around 4.5 million guesses per second using ASICs doing scrypt.
Compared to 1.2 billion guesses using a GPU for SHA256, that's not too bad.
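The scheme the comment above describes, as an added example that is not from the original thread: the client computes scrypt(salt + password), the server stores SHA256 of what the client sent, and a per-user salt is what forces an attacker holding the stolen rows to redo the expensive scrypt step for every user instead of once per dictionary word. The scrypt parameters, the constructed constant "salt" for the unsalted case, and the function names are assumptions for this example; `dictionary_cost` is a defender's cost model that counts how many scrypt evaluations a wordlist check needs against a set of rows.

```python
import hashlib
import hmac
import os

# scrypt cost parameters, assumed for this example (kept small so it runs quickly).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**12, 8, 1

# Constructed value standing in for "no per-user salt": every user gets this constant.
GLOBAL_CONSTANT_SALT = b"constructed-constant-salt"


def client_derive(password: str, salt: bytes) -> bytes:
    """Client side, the expensive step: scrypt over the per-user salt and the password."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)


def server_store(client_hash: bytes) -> bytes:
    """Server side, the cheap step: store SHA256 of the value the client sent,
    so the DB never holds the client-side hash that would log a user in directly."""
    return hashlib.sha256(client_hash).digest()


def server_verify(stored: bytes, client_hash: bytes) -> bool:
    """Constant-time comparison of the stored digest against a fresh one."""
    return hmac.compare_digest(stored, server_store(client_hash))


def register(password: str, per_user_salt: bool = True):
    """Return the DB row (salt, stored_digest) for a new user."""
    salt = os.urandom(16) if per_user_salt else GLOBAL_CONSTANT_SALT
    return salt, server_store(client_derive(password, salt))


def login(row, password: str) -> bool:
    salt, stored = row
    return server_verify(stored, client_derive(password, salt))


def dictionary_cost(rows, wordlist):
    """Count the scrypt evaluations needed to test every word against every
    stolen row, and how many rows that recovers. scrypt only has to be
    recomputed when the salt changes: with one shared salt each word costs one
    scrypt call for the whole DB, with per-user salts it costs one call per user."""
    by_salt = {}
    for salt, stored in rows:
        by_salt.setdefault(salt, []).append(stored)
    scrypt_calls = 0
    cracked = 0
    for salt, digests in by_salt.items():
        for word in wordlist:
            scrypt_calls += 1
            candidate = server_store(client_derive(word, salt))
            cracked += sum(1 for d in digests if d == candidate)
    return scrypt_calls, cracked


if __name__ == "__main__":
    # Constructed sample users; two of them share a password.
    words = ["password", "hunter2", "letmein", "qwerty"]
    salted = [register("hunter2"), register("hunter2"), register("letmein")]
    unsalted = [register("hunter2", False), register("hunter2", False), register("letmein", False)]
    print("salted rows identical for same password?", salted[0][1] == salted[1][1])
    print("unsalted rows identical for same password?", unsalted[0][1] == unsalted[1][1])
    print("scrypt calls, cracked (salted):", dictionary_cost(salted, words))
    print("scrypt calls, cracked (unsalted):", dictionary_cost(unsalted, words))
```

With three users and a four-word list the salted rows cost twelve scrypt evaluations to check, the unsalted rows only four, and the unsalted rows also reveal which users share a password before any guessing starts. The salt is added on the scrypt side only, matching the comment's point that a second salt on the SHA256 step buys nothing once the expensive step is already salted.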
Cryptocurrency mining ASICs cannot be used for password cracking because they are not designed to hash arbitrary strings, and do not support arbitrary scrypt parameterization. They are designed to take in a block template of some sort, and then internally handle iterating the nonce to minimize load on the communication bus and the host processor.
An interesting thing about GPU password cracking that many people don't realize is that the GPU is responsible for not only hashing candidate passwords, but also generating those candidate passwords. The bus bandwidth isn't enough and the CPU isn't fast enough to keep it fed with candidate passwords otherwise.
You could, of course, build password cracking ASICs that have internal processors for generating candidate passwords, but I'm not convinced that it doesn't make more sense to stick with GPUs or maybe FPGAs there.
You'd be better off with FPGAs, which are available in significantly smaller process sizes (and therefore lower running costs) than ASICs you roll yourself. There's also a certain level of reusability that you don't get with SHA256 etched into silicon.
Not true re GPU bandwidth/dictionaries. See cudahashcat - we're using it on a switched PCIe bus feeding dictionaries with plenty of bandwidth. You're not limited to mask attacks, which is what you're describing.
Are you sure about that? I'm more familiar with oclhashcat, and it certainly can't keep the GPU busy with a pure dictionary attack. It'll feed the GPU with a dictionary, then apply rules on GPU to generate variants.
mrb, this is awesome, thanks for sharing. Can you comment on storing the scrypt as an md5 hash and how that would impact security? [Asking because I'm confined to server side systems that only support md5]
IMHO, while MD5 has a fraction of the keyspace of SHA2, it's still a very hard problem to reverse it and intuitively it seems this might provide a huge improvement over salted and stretched (multiple rounds) md5 on the server.