Easy, just convert all the hashes into passwords using a rainbow table. Should o... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		veemjeem on June 6, 2012 \| parent \| context \| favorite \| on: 6.5 Million LinkedIn Password Hashes Leaked Easy, just convert all the hashes into passwords using a rainbow table. Should only take a few seconds to convert all 6.5M passwords -- O(n) operation here. Then run all the passwords through each user's password algorithm, this is a O(n^2) operation. Essentially you're making 6.5M password attempts for each of your users. It could be slightly faster because I'm sure there are quite a few duplicates in 6.5M passwords.

sp332 on June 6, 2012 [–]

A SHA-1 rainbow table?

veemjeem on June 6, 2012 | [–]

What's wrong? They exist... they're bigger than md5 tables, but not significantly larger. If you don't have 50GB of free disk space, you could get a table with lower complexity for around 20GB or so.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact