Logo des Repositoriums
 
Zeitschriftenartikel

The Evolution of Secure Hash Algorithms

Vorschaubild nicht verfügbar

Volltext URI

Dokumententyp

Text/Journal Article

Zusatzinformation

Datum

2020

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

Gesellschaft für Informatik e.V., Fachgruppe PARS

Zusammenfassung

Hashing algorithms are a popular tool for saving passwords securely or file verification. Storing plain-text passwords is problematic if the database gets exposed. However it is also a problem if the used hashing algorithm is outdated. Short passwords can be attacked with brute-force search, hence recommendations of a minimal password length are common. Given that computer performance increased significantly during the last decades, outdated hashes, especially generated by short passwords, are vulnerable today. We evaluate the resilience of SHA-1 and SHA-3 hashing against brute-force attacks on a 24-core dual-processor system, as well as on a modern UltraScale+ FPGA. Reaching a peak performance of 4:45 Ghashes, we are able to find SHA-1 hashed passwords with a length of up to six characters within three minutes. This time increases by a factor of 5.5 for the more secure SHA-3 algorithm due to its higher complexity. We furthermore present a study how the average cracking times grows with increasing password length. To be resilient against brute force attacks, we therefore recommend a minimum password size of at least 8 characters, which increases the needed computing time to several days (SHA-1) or weeks (SHA-3) on average.

Beschreibung

Pfautsch,Frederik; Schubert, Nils; Orglmeister, Conrad; Gebhart, Maximilian; Habermann, Philipp; Juurlink, Ben (2020): The Evolution of Secure Hash Algorithms. PARS-Mitteilungen: Vol. 35, Nr. 1. Berlin: Gesellschaft für Informatik e.V., Fachgruppe PARS. PISSN: 0177-0454. pp. 5-15

Schlagwörter

Zitierform

DOI

Tags