Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Both bcrypt and scrypt hashing algorithms are designed to increase the resources

ID: 657988 • Letter: B

Question

Both bcrypt and scrypt hashing algorithms are designed to increase the resources required during the computation. Hashing passwords with these algorithms can be beneficial as it makes the task of an offline attacker more difficult.

The time required to hash a password can be increased by increasing the number of iterations in bcrypt. The attacker then has to execute this iterations in sequential manner as there is no assumed shortcut.

The memory required to hash a password can be increased in scrypt. The attacker will therefore need a large amount of memory to mount parallel attacks.

As, I understand both these algorithm attempt to thwart the parallel attacks.

My question is can we make SHA-x or any exiting secure hash algorithm iterative and memory intensive, and achieve the same functionality as that of bcrypt and scrypt?

Explanation / Answer

Making a hash function "iterative" already exists; it is called PBKDF2. Bcrypt is still preferable because PBKDF2 can be thoroughly optimized on GPU.

Designing a good password hashing function is a difficult job; but yes, existing hash function are good building elements, so they are likely to be involved at some point. Indeed, look at scrypt: it starts and ends with a PBKDF2 invocation, hence a lot of hashing. But the memory hardness comes from what happens between these two hashing phases. It is not a matter of a simple assemblage of hash functions that would provide memory hardness; just like a car is not simply "wheels that go where you want": the wheels are essential, but there is more in a car than wheels.

Cryptographers are currently busy designing and analysing new password hashing functions that try to be better (in some way) than PBKDF2, bcrypt and scrypt. This is the Password Hashing Competition. Some of the candidates reuse existing hash functions (e.g. Catena), but, like scrypt, their nice "password hashing" properties (e.g. memory hardness) comes from the rest of the design.

Related Questions

Both Dos and FreeBSD support multitasking. System calls can be carried out in ei
Question #3826502
Both Dow Chemical Company, a large natural gas user, and Superior Oil, a major n
Question #2699563
Both General Electric and Goldman Sachs are part of the DowJones Industrial Aver
Question #2577825
Both Germany and Finland, among a large number of other nation states, have far
Question #468259
Both IFRS and U.S. GAAP permit valuation of long-term debt and other liabilities
Question #2420977
Both Intel (www.intel.com (Links to an external site.)Links to an external site.
Question #2583975
Both Jill and John own toothpick factories. Jill\'s factory has low fixed costs
Question #1236287
Both Joseph Conrad’s Heart of Darkness and Franz Kafka’s The Metamorphosis are a
Question #106341
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Both batteries in Figure are ideal. Emf E_1 of battery 1 has a fixed value, but
Next
Both beam energy and luminosity are important for succesful particle accelerator

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.