From owner-freebsd-security@FreeBSD.ORG Mon Jun 11 21:36:17 2012 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E0567106566B for ; Mon, 11 Jun 2012 21:36:17 +0000 (UTC) (envelope-from mandrews@bit0.com) Received: from magnum.bit0.com (magnum.bit0.com [IPv6:2604:e700:b0:1::200]) by mx1.freebsd.org (Postfix) with ESMTP id 90D288FC14 for ; Mon, 11 Jun 2012 21:36:17 +0000 (UTC) Received: from magnum.bit0.com (localhost [127.0.0.1]) by magnum.bit0.com (Postfix) with ESMTP id E0337D9F2 for ; Mon, 11 Jun 2012 17:36:16 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=bit0.com; h=message-id :date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; s=boogity; bh=AA3CEzWn9 igWoMG4yqUYBe+aa+GZDyjGVg/XkRZTSTI=; b=p3ShRTAcbraiqyvtt7M9/+QFA e9lPS20gB6tZ9LSXYEWllMEVnGXxjrbC6NDY5GEFX5l65lbiGAtkyi2kl8mu+Wx1 VrJbx1Y17Un3CHWA1pH0NhAC86KAqvB3dO11ki4aiTq9ZAMuAwohWymBaoT3BHm1 eOJu7n8JhozCVjaqrw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=bit0.com; h=message-id:date :from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; q=dns; s=boogity; b=GsO GXxWMA6W9lJEd5Z9TIf7+DgXk+1toNZGkhgdhKszfofYwePAFgSsXuc7UJUXlrar /cxi46hiHaVP7Z5rcVEOrRTOK13SzM2UyFgFO3GZ53uGv4qySaV1akPbacyiglzk c2cFIHIUGA8HeZahFYkKxrAeFycsV3jRyOLE0zzY= Received: from millenniumforce.local (ip-64-134-165-238.public.wayport.net [64.134.165.238]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by magnum.bit0.com (Postfix) with ESMTPSA id AC03AD9F1 for ; Mon, 11 Jun 2012 17:36:16 -0400 (EDT) Message-ID: <4FD664CF.5010400@bit0.com> Date: Mon, 11 Jun 2012 17:36:15 -0400 From: Mike Andrews User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0) Gecko/20120428 Thunderbird/12.0.1 MIME-Version: 1.0 To: freebsd-security@freebsd.org References: <20120611002402.088b2f74@gumby.homeunix.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: blf uses only 2^4 round for passwd encoding?! [Re: Default password hash] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jun 2012 21:36:18 -0000 On 6/10/12 8:03 PM, Oliver Pinter wrote: > On 6/11/12, RW wrote: >> On Mon, 11 Jun 2012 00:37:30 +0200 >> Oliver Pinter wrote: >> >>> 16 rounds in 2012? It is not to weak?! >> It's hard to say. Remember that blowfish was designed as a cipher not >> a hash. It's designed to be fast, but to still resist known plaintext >> attacks at the beginning of the ciphertext. It was also designed to >> work directly with a passphrase because there was a history of >> programmers abusing DES by using simple ascii passwords as keys. >> >> For these reasons initialization is deliberately expensive, >> effectively it already contains an element of passphrase hashing. > Yes, I know that the blowfish is a cipher and not hash, but I think 16 > round today is too small. I checked this in a freshly installed > openbsd, and they used 256 round ($2a$08$...) . > In OpenBSD, I think the number of Blowfish rounds is configurable via login.conf. I'd think that'd be an easy change to bring over...