# Under starter’s orders … it’s the hash race

A hash signature is used to create a digital fingerprint for data. If it’s one bit of data or a whole network of data, we can produce a digital finger print for it. If we change one bit in the data, we should create a completely different hash signature. And don’t expect there do be some fancy mathematics to reverse it — as it’s a one way function.

Unfortunately they can be cracked using a dictionary attack (trying words from a dictionary and hashing the values), a brute force attack (this is normally achieved with rule which optimises the attack), or a rainbow table (where we have pre-computing hashes that we can compare against). The usage of salt now means that the rainbow table method is not often used, but GPU and ASIC crackers mean that dictionary and brute force attacks are still a weapon against hashed passwords.

But not all the hash methods are the same. Some are extremely fast (Murmur), some are very fast (SHA-1, SHA-3, MD5) and others are extremely slow (Bcrypt, PBKDF2, and APR1).

To determine, for a base system, the speed of the hashing, we can run a Python script [here] for “The quick brown fox jumps over the lazy dog”:

`Method:   Hashes per secondSHA-1:   121540SHA-256:  95907SHA-512:  70596MD5:   116357SHA-3 (224-bit): 68557DES:   108Bcrypt:   146APR1:   133PBKDF2 (SHA1):  1271PBKDF2 (SHA-256): 2846LM Hash:  468NT Hash:  7938MS DCC:   9627LDAP (MD5):  4099LDAP (SHA1):  13467MS SQL 2000:  4217MySQL:   7554Oracle 10:  87Postgres (MD5):  21250Cisco PIX:  12041Cisco Type 7:  10436Murmur:   1436091`

Each test is done for 40 hashes, and here Bcrypt and PBKDF2 have five rounds. We can determine the equivalent hashes for give salt values and rounds:

`HashesSHA-1 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12SHA-256 d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592SHA-512 07e547d9586f6a73f73fbac0435ed76951218fb7d0c8d788a309d785436bbb642e93a252a954f23912547d1e8a3b5ed6e1bfd7097821233fa0538f3db854fee6MD-5:   9e107d9d372bb6826bd81d3542a419d6DES:   ZDeS94Lcq/6zgBcrypt:   \$2a\$05\$hG6mpu4rn76ijaMrKsGjKecT6aN7mpQw1LXdvfYNqm8U4gTBw6SZmAPR1:   \$apr1\$ZDzPE45C\$3PvRanPycmNc6c2G9wT9b/PBKDF2 (SHA1):  \$pbkdf2\$5\$WkR6UEU0NUM\$0RB2bimWrMY.EPYibpaBT2q3HFgPBKDF2 (SHA-256): \$pbkdf2-sha256\$5\$WkR6UEU0NUM\$yrJz2oJix7uBJZwZ/50vWUgdEI/i0ffqeU4obqC0pk4LM Hash:  a7b07f9948d8cc7f97c4b0b30cae500fNT Hash:  4e6a076ae1b04a815fa6332f69e2e231MS DCC:   efa9778bbc94a7360f664eb7d7144725LDAP (MD5):  {MD5}9e107d9d372bb6826bd81d3542a419d6LDAP (SHA1):  {SHA}2fd4e1c67a2d28fced849ee1bb76e7391b93eb12MS SQL 2000:  0x01007C8F716EA340D4F1073EB2E227E83D047DEA9AA71A0FAD4BA049A39242CD46D4A61A8D5A35A2F536884157B9MySQL:   *A4E4D26FD0C6455E23E2187C3AABE844332AA1B3Oracle 10:  4CDA2299FCAD0499Postgres (MD5):  md5d44c15daa11770f25c5350f7e5408dd1Cisco PIX:  kGyKN5CqdFQ1qJUsCisco Type 7:  063207240C5F1C10061C52091E0B3D25642E3C2D6219121B131216564E56464E171013195456494B1550045C`

If a hash method is fast it can be broken easier than a slower one, but one that is fast can be used to quickly hash values. For a sample run, we can now rank in classifications:

`Ulta fast:Murmur:	        545,716 hashes per secondFast: SHA-1:          134,412SHA-256:        126,323MD5:            125,741SHA-512:         76,005SHA-3 (224-bit): 72,089Medium speed:LDAP (SHA1):	13,718MS DCC:	         9,582NT Hash:         7,782MySQL:	         7,724Postgres (MD5):	 7,284Slow:PBKDF2 (SHA-256): 5,026Cisco PIX:        4,402MS SQL 2000:      4,225LDAP (MD5):       4,180Cisco Type 7:     3,775PBKDF2 (SHA1):	  2,348Ulta-slow:LM Hash:          733APR1:             234Bcrypt:           103DES:               88Oracle 10:         48`

We can see, for speed, that Murmur wipes the floor with the rest, with MD5, SHA-1 and SHA-256 all coming in at around the same speed. For the slowcoaches we include Bcrypt, Oracle 10 and ARP1. With Bcrypt and PBKDF2 we have only done five rounds, so in real-life these methods would be even slower. So if you want to slow down an intruder … use Bcrypt or PBKDF2.

In the code we compute the hash 40 times and measure the time. The outline of the code used is:

A common tool used to crack hashed passwords is Hashcat, and where is can target given lengths of passwords, and commonly used password changes:

## Conclusions

Fast is good when you have to do lots of hashing, but slow is good is you want to stop the crackers. If your company has a data breach of passwords, hopefully you will be reporting on Bcrypt hashing rather than SHA-1.

Written by