On Tue, Jul 04, 2006 at 12:04:11AM -0400, Chet Uber wrote: > Not to bicker, but the resources needed to use a database of all > possible passwords even with alphanumerics and salted is very finite > -- albeit large.
OpenBSD's blowfish passwords have 128-bits of salt. A table of all 8 character (lower-case only) alphanumeric passwords would require 2^128 * (26+10)^8 ~= 9.6*10^50 entries. Being ``very finite'' is irrelevant at this order of magnitude. > Just don't want people to think that they are safe as is not an NP- > complete problem. It is an NP-hard problem however. You are aware NP-complete problems are, by definition, reducible to NP-hard problems, right? In other words, NP-hard problems are ``harder'' than NP-complete ones.
