Could you not use an adaptive password hashing algo with an absurd iteration cou... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		koliber on Dec 14, 2016 \| parent \| context \| favorite \| on: The New and Improved Privacy Badger 2.0 Is Here Could you not use an adaptive password hashing algo with an absurd iteration count. Let's say each hash takes 500ms. Salt each domain with a different salt. Building a rainbow table would still be possible, but hindered. To discover one domain behind one hash, you would need to roughly run through half of the used domains with the slow password hash. That being said, the subset of popular domains is much smaller then the full set of domains, so the problem can be pared down to be much more effective than the worst-case.

stavros on Dec 14, 2016 | [–]

Yes, you could, and page loads would take 500ms per resource just to decide whether it should be blocked or not.

shakna on Dec 15, 2016 | [–]

EFF have been working on something a little bit more practical, and have re-engaged activity on it. [0]

[0] https://github.com/EFForg/privacybadger/issues/266

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact