From owner-freebsd-security@freebsd.org Sun May 27 23:14:20 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6B8CEEEFDFC for ; Sun, 27 May 2018 23:14:20 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CD1E072B7B; Sun, 27 May 2018 23:14:19 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id w4RNEIvn095502 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sun, 27 May 2018 16:14:18 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id w4RNEI6T095501; Sun, 27 May 2018 16:14:18 -0700 (PDT) (envelope-from jmg) Date: Sun, 27 May 2018 16:14:18 -0700 From: John-Mark Gurney To: Mark Felder Cc: freebsd-security@freebsd.org Subject: Re: Default password hash, redux Message-ID: <20180527231418.GG4982@funkthat.com> Mail-Followup-To: Mark Felder , freebsd-security@freebsd.org References: <1527111631.2205598.1382649664.0BF85F15@webmail.messagingengine.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1527111631.2205598.1382649664.0BF85F15@webmail.messagingengine.com> X-Operating-System: FreeBSD 11.0-RELEASE-p7 amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Sun, 27 May 2018 16:14:18 -0700 (PDT) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 May 2018 23:14:20 -0000 Mark Felder wrote this message on Wed, May 23, 2018 at 16:40 -0500: > Around 2012[1] we made the brave switch from md5crypt to sha512. Some people were asking for bcrypt to be default, and others were hoping we would see pbkdf2 support. We went with compatible. Additionally, making password hashing more > > In light of this new article[2] I would like to rehash (pun intended) this conversation and also mention a bug report[3] we've been sitting on in some form for 12 years[4] with usable code that would make working with password hashing algorithms easier and the rounds configurable by the admin. I'd like to see it set where we set a time, say 50ms or so, and on each boot, we set the rounds based upon this. (obviously configurable), w/ a minimum maybe for slower systems... This allows us to autoscale to faster cpu systems... I believe that there are patches/review for making the default password hash algorithm configurable via login.conf or something similar.. so some of the work has already been done.. > I'd also like to see us to pull in scrypt if cperciva doesn't have any objections. It's good to have options. Yes, pulling in scrypt and/or argon2 is a great idea... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."