Date: Mon, 11 Jun 2012 17:36:15 -0400
From: Mike Andrews <mandrews@bit0.com>
To: freebsd-security@freebsd.org
Subject: Re: blf uses only 2^4 round for passwd encoding?! [Re: Default password hash]
Message-ID: <4FD664CF.5010400@bit0.com>
In-Reply-To: <CAPjTQNGfQ-743X2GaBMT8ausuO0zdxU552MUWxFXMt8=c8xLWA@mail.gmail.com>
References: <CAPjTQNGOLfb64rtz3gu4xGF8aqzcjD5QBEjM_gwwAykKQoyWgA@mail.gmail.com> <20120611002402.088b2f74@gumby.homeunix.com> <CAPjTQNGfQ-743X2GaBMT8ausuO0zdxU552MUWxFXMt8=c8xLWA@mail.gmail.com>
On 6/10/12 8:03 PM, Oliver Pinter wrote:
> On 6/11/12, RW <rwmaillists@googlemail.com> wrote:
>> On Mon, 11 Jun 2012 00:37:30 +0200 Oliver Pinter wrote:
>>
>>> 16 rounds in 2012? Is it not too weak?!
>>
>> It's hard to say. Remember that Blowfish was designed as a cipher, not a hash. It's designed to be fast, but to still resist known-plaintext attacks at the beginning of the ciphertext. It was also designed to work directly with a passphrase, because there was a history of programmers abusing DES by using simple ASCII passwords as keys.
>>
>> For these reasons initialization is deliberately expensive; effectively it already contains an element of passphrase hashing.
>
> Yes, I know that Blowfish is a cipher and not a hash, but I think 16 rounds today is too small. I checked this in a freshly installed OpenBSD, and they used 256 rounds ($2a$08$...).

In OpenBSD, I think the number of Blowfish rounds is configurable via login.conf. I'd think that'd be an easy change to bring over...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FD664CF.5010400>
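The thread compares FreeBSD's 2^4 = 16 bcrypt rounds with the $2a$08$ (2^8 = 256 rounds) that a fresh OpenBSD install produced. The cost field in a bcrypt string is the base-2 logarithm of the key-setup iteration count, so each increment doubles the work for the defender and the attacker alike. The following is an added example, not code from the thread or from FreeBSD or OpenBSD: it parses the modular-crypt-format bcrypt string, audits a constructed master.passwd-style sample for accounts whose cost is below a policy minimum, and picks a cost from a measured timing. The usernames, salts and digests in the sample are made up, and the timing callback is a stand-in for a real bcrypt benchmark.

```python
import re

# bcrypt modular-crypt format: $<variant>$<cost>$<22-char salt><31-char digest>
# The two-digit cost is log2 of the number of expensive key-setup rounds:
# "$2a$04$" means 2^4 = 16 rounds, "$2a$08$" means 2^8 = 256 rounds.
_BCRYPT_RE = re.compile(
    r"^\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$"
)


def parse_bcrypt(hash_str):
    """Split a bcrypt string into (variant, cost, salt, digest)."""
    m = _BCRYPT_RE.match(hash_str)
    if not m:
        raise ValueError("not a bcrypt hash string")
    variant, cost, salt, digest = m.groups()
    cost = int(cost)
    # bcrypt implementations reject costs outside this range.
    if not 4 <= cost <= 31:
        raise ValueError("bcrypt cost must be between 4 and 31")
    return variant, cost, salt, digest


def rounds(cost):
    """Number of key-setup rounds implied by a cost value."""
    return 1 << cost


# Constructed sample in master.passwd layout (10 colon-separated fields).
# Salts and digests are placeholder characters, not real hashes.
_SALT = "abcdefghijklmnopqrstuv"            # 22 chars
_DIGEST = "ABCDEFGHIJKLMNOPQRSTUVWXYZ01234"  # 31 chars
SAMPLE_MASTER_PASSWD = "\n".join([
    "root:$2a$08$" + _SALT + _DIGEST + ":0:0::0:0:Charlie &:/root:/bin/csh",
    "alice:$2a$04$" + _SALT + _DIGEST + ":1001:1001::0:0:Alice:/home/alice:/bin/sh",
    "bob:*:1002:1002::0:0:Bob (locked):/home/bob:/bin/sh",
    "carol:$6$saltsalt$notbcryptdigest:1003:1003::0:0:Carol:/home/carol:/bin/sh",
])


def weak_bcrypt_accounts(master_passwd_text, min_cost):
    """Return (user, cost) for bcrypt hashes whose cost is below min_cost.

    Locked accounts and non-bcrypt hashes are skipped; they need a
    different check and are outside this function's scope.
    """
    weak = []
    for line in master_passwd_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue
        user, pw_hash = fields[0], fields[1]
        if not pw_hash.startswith("$2"):
            continue
        try:
            _, cost, _, _ = parse_bcrypt(pw_hash)
        except ValueError:
            continue
        if cost < min_cost:
            weak.append((user, cost))
    return weak


def choose_cost(timer, target_seconds, base_cost=4, max_cost=31):
    """Pick the largest cost whose estimated time per hash stays within target.

    `timer(cost)` must return the measured seconds for one hash at that cost
    (a hypothetical benchmark callback, supplied by the caller). Because
    work doubles per cost step, one measurement at base_cost is enough to
    extrapolate the others.
    """
    t_base = timer(base_cost)
    if t_base <= 0:
        raise ValueError("timer must return a positive duration")
    best = base_cost
    for cost in range(base_cost, max_cost + 1):
        if t_base * (1 << (cost - base_cost)) <= target_seconds:
            best = cost
        else:
            break
    return best


if __name__ == "__main__":
    print("FreeBSD default  2^4 :", rounds(4), "rounds")
    print("OpenBSD observed 2^8 :", rounds(8), "rounds")
    print("below cost 8:", weak_bcrypt_accounts(SAMPLE_MASTER_PASSWD, 8))
    # Stand-in timer: pretend cost 4 takes 1 ms and doubles per step.
    print("cost for ~0.25 s/hash:", choose_cost(lambda c: 0.001 * (1 << c) / 16, 0.25))
```

Raising the cost is a policy decision rather than a code change: the audit above tells you which stored hashes still carry the old cost (they are only re-hashed when the user next changes their password), and `choose_cost` ties the new default to what login latency you can afford on your slowest authentication host.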