Abstract or Summary:
In this work we analyze the average guesswork for the problem of hashed passwords cracking. For the case where the hash function is adaptively modified based on the passwords of the users we first find the average guesswork across users when the number of bins is $2^{m}$ and the number of users equals $2^{H(s)\cdot m-1}$, where $1/2\le s\le 1$ and $m\gg 1$. It turns out that the average guesswork increases (as a function of $m$) at rate that is equal to $H(s)+D(s||p)$ when $(1-p)\le s\le 1$, and $2\cdot H(p)+D(1-p||p)-H(s)$ when $1/2\le s\le (1-p)$. We then find the average guesswork of guessing a password that is mapped to any of the assigned bins (an offline attack). We also analyze the effect of choosing biased passwords on the average guesswork. Moreover, we provide a concentration result that shows that the probability mass function of the guesswork is concentrated around its mean value.

We also analyze the more prevalent case in which hash functions can not be modified. We derive a lower and an upper bounds for the average guesswork both under online and offline attacks. In addition, we show that the most likely average guesswork when passwords are drawn uniformly increases at rate $H(p)-H(s)$ under offline attacks and at rate $H(p)$ under online attacks. These results give quantifiable bounds for the effect of bias as well as the number of users on the average guesswork of a hash function, and show that increasing the number of users has a far worse effect than bias in terms of the average guesswork.