A researcher has invented a method that cuts back the time and resources needed to crack passwords that are protected by the SHA1 cryptographic algorithm.
The new method, presented on Tuesday at the Passwords^12 conference in Oslo, Norway, can accelerate password cracking by 21 percent. The optimization works by cutting back the number of steps needed to calculate SHA1 hashes, which is utilized to cryptographically represent strings of text so passwords aren’t stored as plain text.
Such one-way hashes—for example
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 to represent “password” (minus the quotes) and
e38ad214943daad1d64c102faec29de4afe9da3d for “password1″—can’t be mathematically unraveled, so the only means to reverse it is to run plaintext guesses through the same cryptographic algorithm until an identical hash is returned.