Oddbean new post about | logout
jb55 | 7 months ago (raw) | root | parent | reply | flag +1 
 I still feel like name + number is rainbow-tableable. Maybe a deterministic salt beacon (like hash of bitcoin block at height (N mod 4096 == 0) to resalt the hash every 4 weeks? but then old hashes could be cracked eventually 🤔 will ponder further
jb55 | 7 months ago (raw) | root | parent | reply | flag +3 
 I think a problem with any one of these schemes based on public info is that a specific user could be brute forced. Will have to calculate how long it would take to do argon2(name + number) for all numbers with a known area code.
cgg | 7 months ago (raw) | root | parent | reply | flag 
 Seems like an attacker could run hashes for  all numbers + common names and look for matches. Then it’s just a question of compute and how far down the list of “common” names they want to go.
jb55 | 7 months ago (raw) | root | parent | reply | flag 
 yeah might need first + last, even then it could still be brute forced eventually… so single users could be cracked if someone was motivated enough
jb55 | 7 months ago (raw) | root | parent | reply | flag 
 The only other thing I could think of is doing a hash of a range of numbers 🤔 so cracking doesn’t reveal the exact number