Cracktivists pop 11 MEELLION Ashley Madison passwords
MD5 links in bcrypt chain mean Cheater Castle's crypto is not what it's cracked up to be
It has been claimed that 11 million of the leaked passwords contained in the Ashley Madison data dumps have been cracked by a group of researchers operating under the name "CynoSure Prime".
The cracking lays waste to Ashley Madison's remaining security street credibility, as the disgraced site used the lauded bcrypt cryptographic function for its passwords to slow such attacks to a crawl.
CynoSure Prime claimed it had a further four million vulnerable passwords to crack over the course of the next week.
Security bods at Cheater Capital ran their bcrypt installs with a cost factor of 12 to frustrate the cracking process such that every password iteration would need to be passed through 4,000 hashing rounds.
The cracking group of 16 researchers are the first of a few to have claimed to have made real progress in breaking the passwords.
This has been possible because they discovered an implementation flaw in which 15 million targeted passwords of the 26 million that were leaked had been protected using the $loginkey MD5 variable.
The MD5 hashing algorithm is – unlike bcrypt – lightweight, convenient, and terribly insecure.
"Without much information about the $loginkey variable and how it was generated, we decided to dive into the second leak of git dumps [and found] we could exploit [two] functions as helpers in accelerating the cracking of the bcrypt hashes," the group said.
They further described the work as a non-conventional means of attacking that implementation of bcrypt, as follows:
Through the two insecure methods of $loginkey generation observed in two different functions, we were able to gain enormous speed boosts in cracking the bcrypt hashed passwords.
Instead of cracking the slow bcrypt hashes directly, which is the hot topic at the moment, we took a more efficient approach and simply attacked [md5] tokens instead. Having cracked the token, we simply then had to case correct it against its bcrypt counterpart.
The $loginkey is generated on user account creation and again when users modify their accounts, and may be associated with automatic login.
Full technical details were provided in the post to satiate cryptography geeks, and terrify the rest of us. ®