From 6119b9a50dea51c67790b7ac1916ad9d2f1df472 Mon Sep 17 00:00:00 2001 From: Andrew Morgan Date: Thu, 25 Jul 2019 19:03:43 +0100 Subject: [PATCH] *@hobnobbob.com is unlikely to be guessed --- proposals/2134-identity-hash-lookup.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/proposals/2134-identity-hash-lookup.md b/proposals/2134-identity-hash-lookup.md index 0eb996be..d6512c5a 100644 --- a/proposals/2134-identity-hash-lookup.md +++ b/proposals/2134-identity-hash-lookup.md @@ -34,9 +34,9 @@ The rainbow table attack is not perfect, because one does need to know email addresses and phone numbers to build it. While there are only so many possible phone numbers, and thus it is relatively inexpensive to generate the hash value for each one, the address space of email addresses is much, much -wider. If your email address is decently long and is not publicly -known to attackers, it is unlikely that it would be included in a rainbow -table. +wider. If your email address is not share a common mailserver, decently long +or is not publicly known to attackers, it is unlikely that it would be +included in a rainbow table. Thus the approach of hashing, while adding complexity to implementation and resource consumption of the client and identity server, does provide added @@ -306,8 +306,9 @@ for the `v1` endpoints, and are strongly encouraged to warn the user of this. Hashes are still reversible with a rainbow table, but the provided pepper, which can be rotated by identity servers at will, should help mitigate this. Phone numbers (with their relatively short possible address space of 12 -numbers), short email addresses, and addresses of both type that have been -leaked in database dumps are more susceptible to hash reversal. +numbers), short email addresses at popular domains, and addresses of both +type that have been leaked in database dumps are more susceptible to hash +reversal. Mediums and peppers are appended to the address as to prevent a common prefix for each plain-text string, which prevents attackers from pre-computing bits