
Is SHA3 output re-hashed a million times more secure than Scrypt?


I am using Scrypt to get a hash for my input and I didn't use SHA3 because I found out that it can be brute-forced with a dictionary attack to find the SHA3 output. Later I was told not to use Scrypt because it's unnecessary and to just hash the output of SHA3 a million times, as it would be simpler but also more secure.

Is that true? Or is using Scrypt still a fine choice?


Solution

  • No, just hashing the password a million times is not more secure than scrypt.

    There are at least two things that are missing:

    • the use of a salt, which differentiates the hash when users use the same password and prevents rainbow tables;
    • the memory usage of scrypt which can make it harder to crack passwords using specialized hardware.

    What you are trying to re-implement is a password hash or PBKDF (Password Based Key Derivation Function, the same thing but to derive keys instead of hashes). There has been a password hashing competition not too long ago which Argon2 won. Balloon hashing is a later password hash created by a team of cryptographers.

    I don't know which of your co-workers or acquaintances think that they could do better, but I think that they should learn about the Dunning-Kruger effect.
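
The two gaps named in the answer above (no salt, no memory cost), shown side by side in Python. This is an added example, not part of the original question or answer; the function names, the scrypt parameters and the sample password are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Assumed cost parameters for this example (not taken from the post).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1
MAXMEM = 64 * 1024 * 1024  # upper bound passed to OpenSSL


def iterated_sha3(password, rounds=1_000_000):
    """The proposed scheme: unsalted SHA3-256 applied repeatedly."""
    digest = password.encode()
    for _ in range(rounds):
        digest = hashlib.sha3_256(digest).digest()
    return digest


def scrypt_memory_bytes(n=SCRYPT_N, r=SCRYPT_R):
    """Approximate working memory scrypt needs per guess: 128 * N * r bytes."""
    return 128 * n * r


def scrypt_hash(password, salt=None):
    """Return (salt, digest); a fresh random 16-byte salt is drawn per password."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=SCRYPT_N,
                            r=SCRYPT_R, p=SCRYPT_P, maxmem=MAXMEM, dklen=32)
    return salt, digest


def scrypt_verify(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, digest = scrypt_hash(password, salt)
    return hmac.compare_digest(digest, expected)


if __name__ == "__main__":
    pw = "correct horse"  # constructed sample password
    # Two users with the same password: the iterated hash is identical,
    # so one precomputed table entry matches both records.
    print(iterated_sha3(pw, 1000) == iterated_sha3(pw, 1000))
    # With scrypt each record has its own salt, so the digests differ.
    (s1, d1), (s2, d2) = scrypt_hash(pw), scrypt_hash(pw)
    print(d1 == d2, scrypt_verify(pw, s1, d1))
    print(scrypt_memory_bytes() // 2**20, "MiB per guess")
```

Store the salt next to the digest; it is not secret, it only has to be unique per record.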