Nostr Web Client

I still feel like name + number is rainbow-tableable. Maybe a deterministic salt beacon (like hash of bitcoin block at height (N mod 4096 == 0) to resalt the hash every 4 weeks? but then old hashes could be cracked eventually 🤔 will ponder further

CG 1y ago 💬 1

Seems like an attacker could run hashes for all numbers + common names and look for matches. Then it’s just a question of compute and how far down the list of “common” names they want to go.

Reply to this note

Please Login to reply.

Discussion

jb55 1y ago 💬 1

yeah might need first + last, even then it could still be brute forced eventually… so single users could be cracked if someone was motivated enough

jb55 1y ago

The only other thing I could think of is doing a hash of a range of numbers 🤔 so cracking doesn’t reveal the exact number