Question

Ashley Madison is an online dating service for people seeking extramarital affairs; their motto is "Life is short. Have an affair." In the summer of 2015, a hacking group known as The Impact Team released files that they claimed included all Ashley Madison customer data as well as a trove of the CEO's email messages. One of the files included approximately 36 million hashed passwords. These passwords were each hashed, with a salt, using bcrypt [230] (https://www.usenix.org/legacy/event/usenix99/provos/provos.pdf), which is a hash function based on the Blowfish block cipher [252] (http://www.schneier.com/blowfish.html). The bcrypt hash includes a cost parameter, and each hash uses 2^cost rounds of a modified form of the Blowfish key schedule algorithm. For the Ashley Madison passwords, cost = 12, so the required time to crack passwords should be at least 4096 times greater, as compared to an optimized version of the hash. Answer parts a through c based on the information in the article [122] (http://arstechnica.com/security/2015/08/cracking-all-hacked-ashley-madison-passwords-could-take-a-lifetime/).

a) For the particular hardware configuration discussed in the article, how many Ashley Madison passwords (i.e., bcrypt hashes with cost = 12) could be tested per second? With the same hardware, how many MD5 hashes could be tested per second?

b) Within a few days of the release of the Ashley Madison files, about 4000 passwords were cracked. Using the rates from part a and assuming the same rate of success, how many passwords could have been cracked in this same amount of time, assuming that MD5 with salt had been used instead of bcrypt? The article also states that if MD5 had been used, it would have taken only 3.7 years to crack all the passwords. Explain any discrepancy between this number and your estimate.

c) The article also claims that it would have taken 116,958 years to crack all 36 million Ashley Madison passwords. As mentioned above, the article claims that if MD5 had been used, it would only take 3.7 years. This implies a ratio of 116,958/3.7 = 36610. That is, the bcrypt hash is 31,610 times slower to test on this specific hardware. Is this number consistent with the results from part a? Explain.

d) An alternative to bcrypt is the Password-Based Key Derivation Function (PBKDF2), which is described in RFC 2898 [156] (https://tools.ietf.org/html/rfc2898)
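The cost parameter described in the question is stored in every bcrypt hash string, so a defender can read it back and reason about how throughput scales with it. The following is an added example, not part of the original question or the cited article: the function names are hypothetical, the sample hash is constructed (not a real password hash), and any rate passed in is a placeholder for a figure measured on your own hardware.

```python
import re

# Modular-crypt layout of a bcrypt hash:
#   $2<variant>$<2-digit cost>$<22-char salt><31-char digest>
_BCRYPT = re.compile(
    r"\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})")

# Constructed sample: valid layout, meaningless salt and digest.
SAMPLE = "$2a$12$" + "abcdefghijklmnopqrstuv" + "A" * 31

def parse_bcrypt(hash_str):
    """Return (variant, cost, salt, digest); raise ValueError if malformed."""
    m = _BCRYPT.fullmatch(hash_str)
    if not m:
        raise ValueError("not a bcrypt modular-crypt string")
    variant, cost, salt, digest = m.groups()
    cost = int(cost)
    if not 4 <= cost <= 31:  # range accepted by bcrypt implementations
        raise ValueError("bcrypt cost must be between 4 and 31")
    return variant, cost, salt, digest

def key_schedule_rounds(cost):
    """Each hash runs 2^cost rounds of the modified Blowfish key schedule."""
    return 1 << cost

def scaled_rate(rate_at_ref, ref_cost, cost):
    """Guesses/sec at `cost`, from a rate measured at `ref_cost` on the
    same hardware. Assumes time per guess is proportional to 2^cost."""
    return rate_at_ref * key_schedule_rounds(ref_cost) / key_schedule_rounds(cost)

def seconds_to_test(n_hashes, n_candidates, rate, salted=True):
    """Time to try every candidate against every stored hash.
    With per-hash salts a guess must be re-hashed for each stored hash;
    without salts one hash computation covers all of them."""
    work = n_candidates * (n_hashes if salted else 1)
    return work / rate

def below_policy(hashes, min_cost):
    """Stored hashes whose cost is under the policy minimum (rehash these)."""
    return [h for h in hashes if parse_bcrypt(h)[1] < min_cost]

if __name__ == "__main__":
    variant, cost, _, _ = parse_bcrypt(SAMPLE)
    print(variant, cost, key_schedule_rounds(cost))
```

`below_policy` is the piece to run against a credential store when raising the minimum cost: it lists the hashes that should be upgraded on each user's next successful login.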
