Quote:Hello Anton,
What atom meant is that attack depends on the number of hashes you are trying to attack (this correlation is linear, e.g attacking 5 hashes will yield 1/5 of the attack speed).
Another reason for the slow speed could be the iterations count which is "embedded" in the hash string. I guess you could post the hash prefix and that's not against the forum rules, but basically the bcrypt hashes look like:
$2$<iterations>$<salt>$<base64-encoded hash>
The common hashes have "5" for iterations (which actually means 2^5=32), so they start with $2$05$
However some implementations might increase the iterations count.
Keep in mind that bcrypt is quite an anti-GPU algorithm as it requires a lot of memory accesses. A mid-end CPU would often crack it faster as compared to a high-end GPU.
Hello gat3way and thanks for an in-depth reply.
I do (or so I hope) understand the premise, but real-life tests (as per my previous post with just one hash) make no difference at all.
The hash in question starts with $2a$12$. I'm not sure what to make of it, bcrypt-wise, since I never dealt with it before. Looking at that 12 pretty much means I'm f*cked, do I understand this correctly? And you have a single-digit number before the first separator (yours is $2$, mine is $2a$), does that account for anything?
I'm pretty much alright on the memory front with 32GB of RAM and the latest 3.6ghz i7. Or so I thought.
Anyway, thanks again. That was enlightening.
Anton.