From owner-freebsd-security  Fri Feb 14 08:21:37 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id IAA13648
          for security-outgoing; Fri, 14 Feb 1997 08:21:37 -0800 (PST)
Received: from cold.org (cold.org [206.81.134.103])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA13643
          for <security@freebsd.org>; Fri, 14 Feb 1997 08:21:33 -0800 (PST)
Received: from localhost (brandon@localhost) by cold.org (8.8.5/8.8.3) with SMTP id JAA03850; Fri, 14 Feb 1997 09:21:17 -0700 (MST)
Date: Fri, 14 Feb 1997 09:21:17 -0700 (MST)
From: Brandon Gillespie <brandon@cold.org>
To: Warner Losh <imp@village.org>
cc: security@freebsd.org
Subject: Re: blowfish passwords in FreeBSD
In-Reply-To: <E0vvHbl-00026f-00@rover.village.org>
Message-ID: <Pine.NEB.3.95.970214092046.3845B-100000@cold.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Thu, 13 Feb 1997, Warner Losh wrote:
> OpenBSD just committed a new encryption method using blowfish.  This
> has a much larger salt space as well as a much harder to break
> encryption scheme.  Preliminary indications are that it looks really
> good.  They implemented this much like md5, but with its own code.
> 
> I think we should bring this into FreeBSD.  What do others think?

How does it compare to SHA?  We've had SHA encryption sitting in PR for a
few months now, it uses the $2$ 'id'.

-Brandon