Skip navigation

Search algorithms

warning: Creating default object from empty value in /var/www/vhosts/ on line 33.
Original author: 
Megan Geuss

List your passwords alphabetically, so it's easy for you and others to find them!

Give three password crackers a list of 16,000 cryptographically hashed passwords and ask them to come up with the plaintext phrases they correspond to. That's what Ars did this week in Dan Goodin's Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331.” Turns out, with just a little skill and some good hardware, three prominent password crackers were able to decode up to 90 percent of the list using common techniques.

The hashes the security experts used were converted using the MD5 cryptographic hash function, something that puzzled our readers a bit. MD5 is seen as a relatively weak hash function compared to hashing functions like bcrypt. flunk wrote, "These articles are interesting but this particular test isn't very relevant. MD5 wasn't considered a secure way to hash passwords 10 years ago, let alone now. Why wasn't this done with bcrypt and salting? That's much more realistic. Giving them a list of passwords that is encrypted in a way that would be considered massively incompetent in today's IT world isn't really a useful test."

To this, Goodin replied that plenty of Web services employ weak security practices: "This exercise was entirely relevant given the huge number of websites that use MD5, SHA1, and other fast functions to hash passwords. Only when MD5 is no longer used will exercises like this be irrelevant." Goodin later went on to cite the recent compromises of "LinkedIn, eHarmony, and LivingSocial," which were all using "fast hashing" techniques similar to MD5.

Read 14 remaining paragraphs | Comments

Your rating: None

hypnosec writes "BLAKE2 has been recently announced as a new alternative to the existing cryptographic hash algorithms MD5 and SHA-2/3. With applicability in cloud storage, software distribution, host-based intrusion detection, digital forensics and revision control tools, BLAKE2 performs a lot faster than the MD5 algorithm on Intel 32- and 64-bit systems. The developers of BLAKE2 insist that even though the algorithm is faster, there are no loose ends when it comes to security. BLAKE2 is an optimized version of the then SHA-3 finalist BLAKE."

Share on Google+

Read more of this story at Slashdot.

Your rating: None

I've started doing interviews for internships, as I'm aspiring to get one this summer. However, I've done horrible on them.

I got A+ in my classes. I could implement and use data structures efficiently. I understood the algorithms presented to me. But I feel this wasn't/isn't an accurate measurement of my problem solving skills.

When presented with new algorithms or problems I have never encountered before, my brain stops working. I can rarely figure out the solutions all by myself. I always have to consult online references or other people's code, and I feel this doesn't make me better. I'm simply memorizing how other people got to it.

I've even bought books (Cracking the coding interview). I can't solve many of the problems they present. I have to read the solutions, then I get it (who wouldn't /eyeroll). But this is not helping me become better.

I've also worked on several projects related to web programming (creating user systems, forums) and game programming (simple 2D games with networking capabilities). I've learned a lot from these projects. But most of what I've learned concerns APIs and technologies (DirectX, MySQL, Winsock) and how they work. I rarely ran into having to implement or solve a puzzle type algorithms (maybe it's because I never got into doing advanced AI?) It's all been about understanding how a specific technology works. And if I had to use something complicated, I just used libraries which already implementing what I had to do.

tl;dr - got good grades and understood all concepts in comp.sci. courses. Have had plenty of non-academic programming/project experience. Have read books on algorithms. BUT I still suck at them if presented with one I haven't previously seen the solution to.

So does anyone have any tips on improving my algorithm skills that doesn't include trying to solve them and looking up a solution when I fail?

Thanks for all the advice. I really appreciate it. I'll start working on "easy" problems and go at them until I get at least a brute force solution. From there I'll try and clean up my code/solution. I'll try not to resort to looking at solutions in the same 48 hours of having started a problem at least.

Again, thanks for the advice. And for those of you who also struggle, it's good to know I'm not alone ;)

submitted by compsci_1234
[link] [34 comments]

Your rating: None

Alright. I have implemented a GA, a SA, and a RR to solve the same problem. It's time to see who wins. Help me out:

The three stochastic algorithms are each run 30 times, each time with a different random seed. They are optimization algorithms and they each spit out the quality of the solution they found at the end of each run. So there are 3 sets of 30 numbers.

Now don't fret over runtime complexity or any of that crap. They are all solving the same problem, which has a very very large solution space. None of them have any hope of finding the global optima. So they all terminate after the same number of evaluation operators. They run roughly the same time.

How do you compare these algorithms? Just compare the average of their solutions? What about statistical significance? How do you know which algorithm is the best? How do we rank em?

submitted by anchoa
[link] [9 comments]

Your rating: None