DRAFT

Now published here

tl;dr: The major password-cracking projects should add support for general hash substring searching. This has value beyond vanity hashes, so I'd like to give it a new name: hash filtering.

What is a vanity hash?

A vanity hash is a hash that contains an interesting substring. For example, my actual Bitcoin address is:

1AzVVHTijMGoWzPtUJoWkF5u6vyS1NcTzj

But it would be cooler if it was this:

RoyceHTijMGoWzPtUJoWkF5u6vyS1NcTzj

That's a vanity hash. Finding one requires a brute-force search. The more characters you want, the harder it gets -- exponentially harder. But even just a few characters can be good enough.

Current examples of vanity hashes

We humans are vain creatures -- so when hashes are used as public identifiers, we want to personalize them:

Why hash substring searching is interesting

Finding substrings in hashes isn't just about vanity. It enables other interesting work:

So as you can see, it's not just about vanity.

That's why I want to give the overall class of hash substring searching -- collisions, vanity hashes, etc. -- a different name.

Let's call it hash filtering.

Why the password crackers are the best place to do hash filtering

How the password crackers might respond

Implementation suggestions

Potential bounty?

If this proposal is not obviously compelling, I will consider setting up a bounty (or charitable donation of the winner's choosing). The bounty would go to each major natively Linux-based project (John the Ripper or hashcat) that incorporates hash filtering. Edit distance would be optional.

If you want to go in on a bounty, contact me and I'll do the Bountysource setup.