Hacker News new | past | comments | ask | show | jobs | submit login

That's only 4 billion hashes to search the entire IPv4 address space. I don't think the entire search space is big enough for that really to provide much privacy while still being functional. Whatever you put in the way, that's somewhere in the neighbourhood of cracking a 6 character lowercase+number password.



But this is a rare case where you can use a derivation-extension function like PBKDF2 to make the hashing take practically any amount of time you want. You could probably make each run take a full minute on USA Today's hardware and still have your results in a reasonable amount of time.


How about adding a salt? Check your records and if sha256([salt] + ipaddress]) matches this hash, let us know. Where salt is a long random string.


You could still enumerate every option in practically no time.


Oh yes, you are right. Obviously, do not hire me for any kind of information security. Lol.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: