-1

I am using Scrypt to get a hash for my input and I didn't use SHA3 because I found out that it can be brute-forced with a dictionary attack to find the SHA3 output. Later I was told not to use Scrypt because it's unnecessary and just hash the output of SHA3 a million times, as it would be simpler but also more secure.

Is that true? Or is using Scrypt still a fine choice?

Wor Chan

1 Answer

2

No, just hashing the password a million times is not more secure than scrypt.

There are at least two things that are missing:

  • the use of a salt, which differentiates the hash when users use the same password and prevents rainbow tables;
  • the memory usage of scrypt which can make it harder to crack passwords using specialized hardware.

What you are trying to re-implement is a password hash or PBKDF (Password-Based Key Derivation Function, the same thing but to derive keys instead of hashes). There has been a password hashing competition not too long ago which Argon2 won. Balloon hashing is a later password hash created by a team of cryptographers.

I don't know which of your co-workers or acquaintances think that they could do better, but I think that they should learn about the Dunning-Kruger effect.

Maarten Bodewes
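The two missing properties named in the answer, shown side by side as an added example (not code from the question or the answer). The function names, the sample password and the cost parameters N=2^14, r=8, p=1 are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# scrypt cost parameters (assumed for this example; tune for your hardware)
N, R, P = 2**14, 8, 1

def iterated_sha3(password: bytes, rounds: int = 1_000_000) -> bytes:
    """The scheme proposed in the question: SHA3-256 repeated, no salt."""
    digest = password
    for _ in range(rounds):
        digest = hashlib.sha3_256(digest).digest()
    return digest

def scrypt_hash(password: bytes, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, key); a fresh random 16-byte salt is drawn per password."""
    salt = os.urandom(16) if salt is None else salt
    key = hashlib.scrypt(password, salt=salt, n=N, r=R, p=P,
                         maxmem=64 * 1024 * 1024, dklen=32)
    return salt, key

def scrypt_verify(password: bytes, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, key = scrypt_hash(password, salt)
    return hmac.compare_digest(key, expected)

def scrypt_memory_bytes(n: int = N, r: int = R) -> int:
    """scrypt's large working array is 128 * N * r bytes per evaluation."""
    return 128 * n * r

if __name__ == "__main__":
    pw = b"correct horse"  # constructed sample password shared by two users

    # No salt: both users get the same digest, so one precomputed table
    # (or one cracked entry) covers every account with that password.
    # Rounds are reduced here only to keep the demonstration fast.
    a = iterated_sha3(pw, rounds=10_000)
    b = iterated_sha3(pw, rounds=10_000)
    print("iterated SHA3 digests equal:", a == b)

    # Salted scrypt: same password, different stored values per user.
    salt1, key1 = scrypt_hash(pw)
    salt2, key2 = scrypt_hash(pw)
    print("scrypt keys equal:", key1 == key2)
    print("verify correct password:", scrypt_verify(pw, salt1, key1))
    print("verify wrong password:", scrypt_verify(b"wrong", salt1, key1))
    print("memory per scrypt guess (MiB):", scrypt_memory_bytes() // 2**20)
```

Iterated SHA3 needs only a few hundred bytes of state per guess, while each scrypt guess with these parameters has to hold 16 MiB, which is what limits parallel cracking on specialized hardware.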