June 9, 2015 at 2:30 pm
I have to amend my answer!
There is, in fact, a PBKDF2 implementation on SQL Server - even PBKDF2-HMAC-SHA-512 (modifiable for SHA1 if required):
https://stackoverflow.com/questions/7837547/is-there-a-sql-implementation-of-pbkdf2
Both the SHA-512 and the SQL 2008 compliant SHA-1 version are at:
https://github.com/Anti-weakpasswords/PBKDF2-MSSQL-Custom-A
These are still horrifically slow even compared to normal CPU based methods available in C, .NET, OpenSSL, John the Ripper, Hashcat, etc. much less the advanced GPGPU methods like oclHashcat[/url]
June 10, 2015 at 11:52 am
Junior Galvão - MVP (6/9/2015)
Hi Steve Jones,I appreciate your question, but the answers are a little confusing if we look at the Books Online and other blogs, like this: http://www.mssqltips.com/sqlservertip/3293/add-a-salt-with-the-sql-server-hashbytes-function/
Regards.
What's confusing?
June 10, 2015 at 12:00 pm
Hi Steve,
As I commented, referring to the Books Online cannot make use of salt on function Hashbytes instead, but there are ways to do it, even I posted the link.
That was my confusion regarding your inquiry.
June 10, 2015 at 12:09 pm
I don't understand the confusion. Hashbytes cannot add a salt. The programmer adds it, which is the answer to the question and what is shown in the link you posted.
June 11, 2015 at 6:03 am
Hi Steve,
Ok, ok, I know that.
Regards.
Viewing 5 posts - 61 through 64 (of 64 total)
You must be logged in to reply to this topic. Login to reply