It’s actually asymmetric even when the peppers are leaked, since for authentication you only have to check half of the peppers on average before you find the correct one (if the user inputs the correct password, which is most of the time), but to reject a password you have to try all the peppers, which is what you have to do if you don’t know the password and are trying to crack it.
It’s actually asymmetric even when the peppers are leaked, since for authentication you only have to check half of the peppers on average before you find the correct one (if the user inputs the correct password, which is most of the time), but to reject a password you have to try all the peppers, which is what you have to do if you don’t know the password and are trying to crack it.