Well, except that now checking a user’s password may take up to 100* time. So you’re just trading 100* time for you to check the password against 100* time for the attacker to crack it. What’s the difference with just using a more complex hashing method? AFAIK it’s the same tradeoff.
Edit: wait, that’s only if the peppers are leaked. If cracking a single pepper is the most time-consuming part for the hacker, then this method allows you to make that part specifically more difficult. I… guess it works (not a specialist).
Yup, and it’s already common practice to do 100K+ iterations (Django’s default, for example, is 260,000, and in one of their next updates the default is going to be raised to 360,000. And it doesn’t feel slow even on a weak laptop like mine).
It’s actually asymmetric even when the peppers are leaked, since for authentication you only have to check half of the peppers on average before you find the correct one (if the user inputs the correct password, which is most of the time), but to reject a password you have to try all the peppers, which is what you have to do if you don’t know the password and are trying to crack it.
You don’t even need a more complex hashing method. You can just repeat the same hashing algorithm 100 times.