Never, never, never underestimate human ingenuity.
German security enthusiast Thomas Roth spent a couple of bucks, used cloud computing and cracked an encryption algorithm that's been around 15 years.
For the record, the computer time in the Amazon cloud cost $2.10 for the 49 minutes it took to brute force the encryption.
"This just shows one more time that SHA1 for password hashing is deprecated - You really don't want to use it anymore!" Roth said.
The encryption standard, SHA-1, was built by the National Security Agency and was introduced in 1995. The National Institute of Standards planned to use it through 2010.
For those of you bewildered souls, here is an example of a sentence encrypted using the standard:
SHA1("The quick brown fox jumps over the lazy dog")
= 2fd4e1c6 7a2d28fc ed849ee1 bb76e739 1b93eb12
Before the alarms begin sounding, there were already plans to replace SHA-1 with SHA-2 before Roth pulled his coup. But it's not in wide use just yet.
FierceCIO notes that adding one character to the six character password would have increased the cost to $160.
The power of Amazon's cloud computer tried millions of combinations of passwords until it got it right. Roth's work took about 20 lines of code.
You are wondering what all this high order math means.
It means computers have decreased dramatically in price as computers have increased in power.
"Never, never, never give up," Sir Winston Churchill said to students at Harrow school during the height of Nazi blitz on London.
