This past March, I published a white paper looking at how some applications hash credit card numbers and how vulnerable these hashes are to brute forcing.  I developed a proof of concept to roughly estimate the timings (about 2 million hashes per second).  Looking ahead, I estimated with additional optimization, multi-threading, and faster processors probably 50 million hashes per second is achievable.

Well, I was probably off by a factor of at least 5 on my future estimate.  Elcomsoft announced this week that it has filed a patent for a technique to use the "massively parallel processing" capabilities of the GPU on a video card to brute force passwords.  Others have also been doing research in this area.

A better estimate is at least 200 million hashes per second for a single pass of SHA-1 or MD-5 and I wouldn't be surprised if someone could achieve 500 million hashes per second in the near future.  This would allow someone to brute force all possible unsalted SHA-1 hashes in just 10 days rather than 3 years.  Adding intelligence with regards to brands and common issuing bank prefixes, most of the brute force times are reduced to minutes or seconds.  Storing plain-text digits (prefix and/or last 4) makes brute forcing a trivial exercise.

When hashing credit card number, the hashing must be carefully designed to protect against brute forcing by using strong cryptographic hash functions, large salt values, and multiple iterations.