From owner-freebsd-questions@FreeBSD.ORG Wed Aug 3 02:03:22 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D63B7106564A for ; Wed, 3 Aug 2011 02:03:22 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 6B9F28FC0C for ; Wed, 3 Aug 2011 02:03:22 +0000 (UTC) Received: by wwe6 with SMTP id 6so341161wwe.31 for ; Tue, 02 Aug 2011 19:03:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; bh=Rt92hhfFd127i+GjIliKF5eYfEvMijzok8NXIfFXGdM=; b=Exi4jmwI74cidl8OxVLraaNYnwymakLdX8eF0bWKByXhXR0IuNoRZUGaqhbEuZIOKd UWshUm+H8TGYPttx8CTFJdCUt7wemrBC5UXbj1oNV/4VdHB5J6pN+q9lrMkAVxXtcD+t R7WKc4/SeX25SjnM7DMF48CiugvCsGfrYqSZA= Received: by 10.227.39.154 with SMTP id g26mr7970803wbe.37.1312337001507; Tue, 02 Aug 2011 19:03:21 -0700 (PDT) Received: from gumby.homeunix.com (87-194-105-247.bethere.co.uk [87.194.105.247]) by mx.google.com with ESMTPS id fx12sm283751wbb.8.2011.08.02.19.03.18 (version=SSLv3 cipher=OTHER); Tue, 02 Aug 2011 19:03:19 -0700 (PDT) Date: Wed, 3 Aug 2011 03:03:12 +0100 From: RW To: freebsd-questions@freebsd.org Message-ID: <20110803030312.5db40695@gumby.homeunix.com> In-Reply-To: References: X-Mailer: Claws Mail 3.7.9 (GTK+ 2.22.1; amd64-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: Re: password hash weaknesses in FreeBSD ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2011 02:03:22 -0000 On Tue, 2 Aug 2011 17:36:12 +0100 =E3=83=9E=E3=83=B3=E3=83=AD=E3=83=BC=E3=82=AF=E3=83=AA=E3=82=B9=E3=83=88=E3= =83=95=E3=82=A1 wrote: > The crypt program to hash passwords uses md5 /DES/blowfish for > password hashing as I have read in the handbook. DES and md5 are > widely regarded to be broken (certainly DES). I would prefer password > hashing to be done using salted SHA1 / SHA256 to meet my security > needs. It depends what you mean by broken; most hashes are broken (or will be broken) in some sense - including SHA1. The types of break that make md5 unsuitable for verification purposes don't apply to password hashes. Furthermore FreeBSDs md5 password hash isn't simply md5, it's 1000 iterations of md5 with each iteration hashing the salt, password and previous hash in shifting combinations. These days the most realistic attack against typical user passwords is probably a direct brute-force attack using GPUs - in which case the underlying hash algorithm is insignificant.