TMTO...Y?

Presented at BSidesLV 2017, July 26, 2017, 11 a.m. (55 minutes)

Yes it is 2017 and you have not traveled back in time. This talk is about "instant" password recovery, the new advances in this field, and uses of these "lossy hash tables". There are people actively using these to crack passwords. When time is critical. We'll discuss optimizations and optimal settings along with general sizes and times.

Presenters:

• Steve Thomas
  Steve specializes in crypto and password research. Steve was one of the panelists for the Password Hash Completion. "I do stuff... sometimes." Like PAKE to HSM or finding bugs in Signal Protocol, CryptoCat, Adobe ColdFusion 9's password encryption key generator, and password hashing functions (MySQL323 meet in the middle attack, XSHA1 [Blizzard's old hash function], etc).

Links:

• https://bsideslv2017.sched.com/event/BNGK/tmtoy
• https://infocon.org/cons/Security BSides/BSides Las Vegas/Bsides Las Vegas 2017/TMTOY - Steve Thomas.eng.srt (subtitles)
• https://infocon.org/cons/Security BSides/BSides Las Vegas/Bsides Las Vegas 2017/TMTOY - Steve Thomas.mp4
• https://www.youtube.com/watch?v=KKNlCRmVl-E

Similar Presentations:

• HOPE 2020 Virtual Rescheduled / Password Superpowers: How to Crack Hashes and Stump Hackers