5

Let's suppose I know a website is using BCrypt with salts and the default round of 10. Can I do a dictionary attack by hashing all the words using BCrypt with the same parameters?

Oscar
  • For what it's worth, the standard BCrypt output encodes both the salt *and* the work factor in the output string. In other words, if you know the site is using BCrypt, you should be able to get the work factor from the hash output. Even if you don't know that the site is using BCrypt, it's generally pretty easy to tell, because all the hashes will start with `$2a$10$...` or something similar. – Joseph Montanaro Mar 02 '17 at 00:51

1 Answer

3

Yes, you can. bcrypt (and other similarly slow password hashing functions) aren't designed to make this impossible, but only to make it prohibitively expensive. Weak passwords are still susceptible to being discovered, but the amount of work an attacker needs to do goes up substantially, and compared to a fast hashing function, much weaker passwords become infeasible to crack due to the extra work required for each guess.

Xander
  • 3
    And the salt would force you to hash every word in the dictionary once per password you want to crack. – Anders Mar 01 '17 at 21:49
  • 2
    @Anders Correct. I assumed from the OP's question that was understood, but that's a good clarification. – Xander Mar 01 '17 at 21:53