HN2new | past | comments | ask | show | jobs | submitlogin

I didn't really like cryptacular that much. I don't really know why one character of the hash is being taken off; I remember curiously wondering why that was in there when I was fiddling with the source to get it to compile on Windows.

I also don't know if that would pose as a significant security threat - sure, you would be taking one character off of the number of characters that need to be brute forced, but it is only one. I'm not informed enough to give an accurate opinion.

I do know, though, that jumping to conclusions before a thorough explanation is provided is silly... Hence why I'm not suddenly jumping to the use of cryptacular or others.



I'm guessing it would make brute forcing about 40 times easier.


Which is a statement not unlike talking about making it 40 times easier to travel to the Andromeda galaxy.


Indeed.


Bear in mind that the likelihood here is something like 2^-186


It would make it 256 times easier, reducing the keyspace by ~4.16%.


Reducing the log of the keyspace by 4.16%, which is not a particularly interesting measurement.

Reducing a key by 8 bits reduces the key space by 255/256, regardless of key size.


I don't see how that can be, given that the character that's chopped off can take one of 40 values... Or is it case sensitive? Still, nowhere near 256.


It's not b64 encoding the final byte of the hash, not dropping a b64 character.


Ah, I see. You are correct, then. Also, that would make it 64 times, if I were right, it seems.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: