Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 16 Nov 1998 14:45:56 -0500
From:      Adam Shostack <adam@homeport.org>
To:        Robert Watson <robert+freebsd@cyrus.watson.org>, Thomas Valentino Crimi <tcrimi+@andrew.cmu.edu>
Cc:        Terry Lambert <tlambert@primenet.com>, freebsd-security@FreeBSD.ORG
Subject:   Re: Would this make FreeBSD more secure?
Message-ID:  <19981116144556.A11685@weathership.homeport.org>
In-Reply-To: <Pine.BSF.3.96.981116124210.15576A-100000@fledge.watson.org>; from Robert Watson on Mon, Nov 16, 1998 at 12:46:24PM -0500
References:  <0qI4qUS00YUq09JbU0@andrew.cmu.edu> <Pine.BSF.3.96.981116124210.15576A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
My understanding of Dobbertin's attack is that he generates both
halves of a collision pair, not finds an arbitrary match to a
pre-existing value.  If he has the latter, that may or may not
transform into an attack on the password system.  You'll need to find
a printable (<9 character?) value that collides if you want to attack
the password system via this route.

Adam

On Mon, Nov 16, 1998 at 12:46:24PM -0500, Robert Watson wrote:
| On Mon, 16 Nov 1998, Thomas Valentino Crimi wrote:

| >   And then we have md5 passwords, arguably broken, now, but orders of
| > magnitudes better than DES.
| 
| I don't think I would consider md5 broken exactly.  Just subject to
| intermittent collisions.  Is there a deterministic (and fast) way to
| detect whether one is employing a hash subject to the described collision
| attack?  If so, perhaps we can add a piece of code that attempts a number
| of values of salt, resulting in a more friendly hash.
| 
| I prefer one-time passwords for security applications; on the other hand I
| eagerly await a nice (scalable) PK authentication system used with
| hardware keys.

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981116144556.A11685>