WEBVTT

00:00.000 --> 00:04.740
Your password probably sucks, but that's not the real problem here.

00:05.180 --> 00:13.280
The real problem is the companies that store it like amateurs, making even stronger passwords

00:13.280 --> 00:15.720
crack in seconds sometimes.

00:16.440 --> 00:25.660
Key stretching changes this equation by making every wrong guess cost actual money in electricity

00:25.660 --> 00:27.660
and hardware and time.

00:28.460 --> 00:33.140
Picture your password as a cheap lock on a storage unit, for example.

00:33.680 --> 00:37.000
Anyone with bolt cutters can walk right through it, essentially.

00:37.580 --> 00:44.780
Key stretching wraps that lock in layers of computational concrete, like suddenly those

00:44.780 --> 00:50.920
bolt cutters need to become like industrial mining equipment that burns thousands of

00:50.920 --> 00:56.000
dollars in electricity just to try to get it open.

00:56.420 --> 01:01.600
Most people think password strength comes from randomness and length, and that's part

01:01.600 --> 01:03.280
of it, but there's more to it.

01:03.420 --> 01:07.260
What actually matters is how expensive your password becomes to guess.

01:07.980 --> 01:15.320
For example, a character password properly stretched with modern algorithms resists attacks better

01:15.320 --> 01:20.360
than a 16 character password stored with basic protection.

01:21.400 --> 01:24.820
Here's what nobody actually explains about password storage.

01:25.260 --> 01:30.620
When you create an account, the website doesn't actually save your password, right?

01:31.000 --> 01:38.640
They run it through a mathematical function that creates a unique fingerprint called a hash.

01:39.220 --> 01:46.200
Attackers who steal these ashes need to try to guess the passwords and check if they

01:46.200 --> 01:49.820
can create the same type of fingerprint that was created.

01:49.820 --> 01:56.980
Now, without key stretching, modern graphics cards check billions of guesses per second, so

01:57.290 --> 02:03.480
your super secure one, two, three password falls in basically microseconds.

02:03.900 --> 02:11.080
With proper stretching, using something like Argon2, each guess takes half a second and

02:11.080 --> 02:13.060
eats a gigabyte of RAM.

02:13.540 --> 02:19.140
Now your attacker went from billions of attempts per second down to maybe one or two.

02:19.140 --> 02:25.400
The math becomes kind of hilarious when you scale it up, so testing one million password

02:25.400 --> 02:32.160
candidates at two guesses per second requires almost six days of continuous computation,

02:32.520 --> 02:34.060
which is a lot more effort, right?

02:34.580 --> 02:41.200
Obviously, testing one billion, though, requires nearly 16 years, and that assumes perfect

02:41.200 --> 02:48.060
efficiency with zero downtime, like no hardware failures, no electrical cost piling up.

02:48.060 --> 02:51.820
Think about what that actually means for mass surveillance, for example.

02:52.420 --> 02:58.480
The NSA can't just vacuum up everyone's data and crack it later when key stretching is

02:58.480 --> 02:59.620
actually done right.

02:59.780 --> 03:06.260
They need to try to decide if cracking your encrypted file is worth burning 50 grand

03:06.700 --> 03:12.880
in computational resources, and most people really aren't worth that level of investment.

03:13.300 --> 03:18.980
Early UNIX engineers basically understood this principle back when computers filled

03:18.980 --> 03:22.120
entire rooms because they had to.

03:22.740 --> 03:25.460
You have to be more efficient when you have less.

03:26.000 --> 03:31.360
So they used multiple rounds of encryption, DES specifically, not to hide passwords better,

03:31.460 --> 03:36.460
but to make each guess hurt, and modern algorithms took this concept and basically

03:36.460 --> 03:40.900
weaponized it into economic warfare against attackers.

03:40.900 --> 03:47.820
PBKDF2 runs your password through thousands or even millions of hash iterations,

03:48.260 --> 03:55.200
and each feeding into the next, kind of like a computational chain that can't be shortcut.

03:56.020 --> 04:02.640
Bcrypt uses something called Blowfish Cipher to create deliberate complexity that really

04:02.640 --> 04:06.780
neutralizes GPU advantages to a large degree.

04:06.780 --> 04:11.480
Those expensive graphics cards that hackers love suddenly become inefficient,

04:11.900 --> 04:14.740
paperweights basically, or space heaters.

04:15.060 --> 04:22.040
Xcrypt goes nuclear on memory requirements by demanding huge amounts of RAM for each guess,

04:22.240 --> 04:27.280
and it makes specialized cracking hardware just economically stupid.

04:27.700 --> 04:34.360
Your attacker needs actual computers with real memory, not just raw processing power.

04:34.360 --> 04:41.540
Argon2 combines all of these approaches with adjustable parameters that let defenders adapt

04:41.540 --> 04:44.820
to evolving threats when they evolve.

04:45.120 --> 04:47.080
Have you heard of Keystretching before this video?

04:47.620 --> 04:49.480
Like most people haven't, that's why I'm asking.

04:50.240 --> 04:53.360
Because companies really, on one degree, don't really want you to understand

04:53.360 --> 04:55.460
how badly they're failing you.

04:55.760 --> 04:59.520
I'd definitely like to hear in the comments if this is new information to you.

04:59.520 --> 05:04.040
I'm genuinely curious how well this knowledge is actually spread

05:04.040 --> 05:07.260
outside of the kind of technical circles that exist.

05:07.940 --> 05:12.280
And here's where companies, some degree, constantly screw you over.

05:12.400 --> 05:18.360
Like your bank probably protects your password worse than a properly configured WordPress blog

05:18.360 --> 05:19.080
does.

05:19.520 --> 05:25.240
They chose speed, like over security, because they'd rather get hacked than

05:25.240 --> 05:27.140
weigh an extra half a second.

05:27.140 --> 05:28.980
And that's just being competent.

05:29.300 --> 05:36.900
The implementation failures definitely go even further than just being cheap, though.

05:37.000 --> 05:39.200
We can't just put it all on that.

05:39.580 --> 05:42.020
Keystretching needs something called the salt.

05:42.260 --> 05:44.860
And basically it's a random value.

05:45.100 --> 05:50.840
You need to each user that gets mixed with your password before it gets stretched.

05:51.280 --> 05:56.360
And without proper salts, attackers can basically pre-compute answers

05:56.360 --> 05:58.020
or optimize their approach.

05:58.760 --> 06:03.760
Yet company after company reuses salts or doesn't use them at all.

06:03.940 --> 06:10.660
Because their developers learn security from a YouTube tutorial that was not this channel.

06:11.300 --> 06:16.820
Password managers like KeyPass and Bitwarden do actually implement this correctly

06:17.240 --> 06:19.400
for things like their master password.

06:19.640 --> 06:25.400
BearCrypt is great in that it lets you configure millions of iterations for disk

06:25.400 --> 06:25.820
encryption.

06:25.820 --> 06:32.600
Even some consumer routers actually support stretched passwords if you dig through their

06:32.600 --> 06:32.980
settings.

06:33.540 --> 06:34.480
The tools exist.

06:34.680 --> 06:38.100
Companies just really refuse to actually use them properly.

06:38.420 --> 06:42.520
And here's the kind of dark comedy of our surveillance state.

06:42.640 --> 06:46.760
The FBI complains about going dark when criminals use encryption.

06:47.060 --> 06:54.200
But what that actually means is that properly stretched keys cost too much to actually

06:54.200 --> 06:54.520
crack.

06:54.520 --> 06:58.220
Actual security interferes with their dragnet surveillance program.

06:58.420 --> 07:02.980
And every additional iteration of key stretching represents friction against

07:03.480 --> 07:07.220
the unconstitutional spying that's constantly going on.

07:07.360 --> 07:13.440
The same government that's spending billions on quantum computers to break encryption can

07:13.440 --> 07:18.800
be defeated by properly configured password stretching that any competent developer could

07:18.800 --> 07:20.500
implement in an afternoon.

07:20.500 --> 07:25.940
They're building death stars while we're winning with computational guerrilla warfare.

07:26.200 --> 07:31.420
Your operational security depends on understanding these kind of basic dynamics that exist.

07:31.760 --> 07:37.660
Strong passwords alone will not protect you when they're stored completely incorrectly.

07:38.180 --> 07:43.800
But even mediocre passwords become nearly unbreakable when properly stretched.

07:44.400 --> 07:47.840
The transformation happens through pure mathematics.

07:48.260 --> 07:51.640
And that means like there's no back doors or weaknesses.

07:52.060 --> 07:59.900
It's just computational expertise that scales with attack or resources.

08:00.740 --> 08:05.840
Like individual users can take control immediately when choosing services.

08:06.100 --> 08:08.080
Ask about their key stretching parameters.

08:08.580 --> 08:12.060
Use tools that let you control these settings.

08:12.600 --> 08:15.920
Make your secrets too expensive for anyone to try and steal.

08:16.510 --> 08:19.540
Stop trusting companies that have proven repeatedly

08:20.110 --> 08:23.560
that they choose profit over your protection.

08:24.100 --> 08:29.000
The economics become pretty brutal for attackers when we get to scale, right?

08:29.460 --> 08:32.620
Like cryptocurrency miners, for example, perfectly understand this.

08:33.000 --> 08:36.180
They calculate attrition costs versus potential profits.

08:36.600 --> 08:40.460
Password cracking follows identical economics.

08:40.860 --> 08:44.820
Make the cost exceed the value and the attack stops.

08:44.820 --> 08:48.380
And not because attackers can't actually succeed, so what I'm saying.

08:48.820 --> 08:51.740
But because they just can't afford to succeed.

08:52.260 --> 08:57.040
Like surveillance capitalism depends on weak security to remain profitable.

08:57.320 --> 09:00.900
Data breaches need to stay cheap if every password required

09:00.900 --> 09:04.640
serious computational investments to actually crack

09:04.640 --> 09:08.900
the entire ecosystem of buying and selling stolen credentials

09:08.900 --> 09:11.080
to some degree would collapse.

09:11.080 --> 09:16.080
And that's exactly why proper implementation faces such strong resistance.

09:16.640 --> 09:22.680
Every properly protected password increases the global cost of surveillance.

09:22.980 --> 09:26.180
Every company implementing real key stretching

09:26.470 --> 09:30.920
makes mass data breaches less and less valuable, right?

09:31.340 --> 09:34.760
Like the aggregate effect could absolutely cripple

09:34.760 --> 09:38.280
the surveillance economy if deployed widely enough.

09:38.280 --> 09:42.520
And this isn't really, this has nothing to do with personal privacy, right?

09:43.060 --> 09:48.040
I'm talking more about systemic resistance to authoritarian overreach.

09:48.400 --> 09:54.480
For example, key stretching transforms authentication from a speed bump

09:54.480 --> 09:59.180
into kind of an economic battlefield where defenders set the terms

09:59.180 --> 10:02.800
and you get to decide the computational requirements that will be needed.

10:03.200 --> 10:05.060
You control the memory demands.

10:05.060 --> 10:10.940
You force attackers to fight where their advantage is essentially evaporate

10:10.940 --> 10:13.880
and their budgets screaming pain.

10:14.580 --> 10:17.200
The solution is not that complex.

10:17.480 --> 10:23.340
New systems should use Argon to with at least 64 megabytes of memory

10:23.340 --> 10:28.000
with multiple iterations legacy systems need S-crypt or B-crypt

10:28.000 --> 10:33.380
with aggressive parameters that never accept PBKDF2 with shot one

10:33.380 --> 10:37.580
despite what outdated compliance frameworks actually suggest.

10:38.260 --> 10:40.700
These definitely are not recommendations.

10:40.840 --> 10:47.320
They're kind of minimal viable security in this day and age, right?

10:47.460 --> 10:52.060
With like $8 per hour criminals renting massive GPU clusters.

10:52.780 --> 10:57.480
What password managers or encryption tools are you using

10:57.480 --> 10:59.780
that actually implement proper key stretching?

10:59.780 --> 11:05.440
Security theater to most companies they don't bother actually doing this

11:05.440 --> 11:10.320
which is why I saw making this video as a worthwhile project

11:10.320 --> 11:12.540
for us to sit down and discuss key stretching.

11:12.800 --> 11:15.900
If you haven't heard of this, I'd love to know about it in the comments

11:16.320 --> 11:18.940
and if you did hear about it, I'd like to know what's about it

11:18.940 --> 11:22.240
and if you did know about it, I'm sorry that you already knew about it

11:22.240 --> 11:22.940
and saw nothing new.

11:23.080 --> 11:24.160
I get comments all the time.

11:24.280 --> 11:25.520
I was like, I already knew about this.

11:25.660 --> 11:27.680
Why didn't you talk about something more detailed

11:27.680 --> 11:33.220
and in depth, sorry, I get a poll of what everyone knows

11:33.220 --> 11:35.360
when I make these videos and I guess I digress.

11:36.260 --> 11:38.920
Thank you for watching to the end and I'll see you in the next video.