# HG changeset patch # User Christian Urban # Date 1412021466 -3600 # Node ID f7aa15984301915b3394188e94990e4673ddbddb # Parent f10d905e947f4b8c5b2d3995664f83a1f71900ea updated diff -r f10d905e947f -r f7aa15984301 handouts/ho01.pdf Binary file handouts/ho01.pdf has changed diff -r f10d905e947f -r f7aa15984301 handouts/ho01.tex --- a/handouts/ho01.tex Mon Sep 29 17:43:35 2014 +0100 +++ b/handouts/ho01.tex Mon Sep 29 21:11:06 2014 +0100 @@ -554,7 +554,7 @@ (especially if the database contains millions of entries). If we use no salt or one global salt, all hash-values will be the same for this password. So if a hacker is in the business of -cracking as much passwords as possible, then it is a good idea +cracking as many passwords as possible, then it is a good idea to concentrate on those very popular passwords. This is not possible if each password gets its own salt: since we assume the salt is generated randomly, each version of \pcode{123456} diff -r f10d905e947f -r f7aa15984301 slides/slides02.tex --- a/slides/slides02.tex Mon Sep 29 17:43:35 2014 +0100 +++ b/slides/slides02.tex Mon Sep 29 21:11:06 2014 +0100 @@ -72,6 +72,23 @@ \end{frame} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\begin{frame}[c] +\frametitle{Defence in Depth} + +\bgein{center} +\pcode{urbanc:$6$3WWbKfr1$4vblknvGr6FcDeF92R5xFn3mskfdnEn...:...} +\end{center} + +\begin{itemize} +\item hashes help when password databases are leaked +\item salts help with protecting against dictionary attacks + +\end{itemize} + +\end{frame} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \begin{frame}[c]