From owner-freebsd-java@FreeBSD.ORG Fri Sep 3 08:07:50 2004
Message-ID: <4138266F.4070203@iang.org>
Date: Fri, 03 Sep 2004 09:08:15 +0100
From: Ian Grigg
User-Agent: Mozilla Thunderbird 0.7.1 (X11/20040707)
To: freebsd-java@freebsd.org
References: <20040901175727.I46718@turing.morons.org>
In-Reply-To: <20040901175727.I46718@turing.morons.org>
Subject: Re: FreeBsdCrypt updated
List-Id: Porting Java to FreeBSD

Just as a sort of heads-up on this and not to anyone in particular, MD5 and a host of other older hashing algorithms were shifted into the "broken" basket a couple of weeks ago at the Crypto conference [1]. Whether this means a given relying system, like Crypt, can be breached in practical circumstances is currently under debate, and depends highly on the use and import of the message digest within the system. From what I recall of Crypt, it isn't likely to be much of a threat there as the password list is still "hard to get".

But, the message is clear: time to switch. Probably, the best thing to do is to switch to SHA1, which is unbroken (having a specific defence against the cracks announced mid-August). But, a word of caution: there is a sort of uncertainty about how long SHA1 will last, and SHA-256 is maybe the next thing to aim at. But to double that caution, SHA-256 is the same construction as SHA-1, so there are thoughts that it is time for a whole new generation.

So, the software systems engineer's viewpoint is this: migrate to a system where a few hashes can be accepted, and that way more migratibility can be built in. That is, relying on one message digest is no longer acceptable.

As an example, taken from my company's software, we use textual forms like

    SHA:ABC123
    SHA256:abc123

and we use binary forms with OpenPGP single byte numbers before the binary (RFC 2440: 0x02 == SHA1, 0x08 == SHA256).

iang

[1] Some of the detail of the conference is collected here:
http://www.financialcryptography.com/mt/archives/000199.html

Nick Johnson wrote:
> FreeBsdCrypt can be found at
> http://spatula.net/software/FreeBsdCrypt-1.1.jar . This contains an
> implementation of FreeBSD-style MD5 crypt, which many have found useful
> when trying to integrate Java stuff with FreeBSD stuff, or migrating from
> other languages to servlets, or whatever.
>
> The jar contains all the API docs, source code, and the compiled class.
> Usage is pretty simple anyway:
>
> String result = FreeBsdCrypt.crypt("password", "salt");
>
> The major change in this version is correcting the way the class name is
> capitalized. It needed to start with an uppercase letter since it's a
> class name, and then Pascal-casing the rest of it. Consensus on the web
> seems to be that acronyms of 3 letters or more are to be Pascal-cased.
>
> Nick
>
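The tagged-digest scheme Ian describes (textual `TAG:hex` values and binary values prefixed by the OpenPGP algorithm-id byte), as an added example that is not code from the mail or from FreeBsdCrypt. It assumes a small registry in which a digest can be accepted for verification while being refused for new values, which is what lets a deployment migrate off MD5 without rejecting stored data; the ids 0x02 (SHA1) and 0x08 (SHA256) are those quoted in the mail, and 0x01 is the RFC 2440 id for MD5.

```python
import hashlib
import hmac

# Accepted message digests: tag -> (OpenPGP algorithm id, hashlib name, allowed for new output).
# 0x02 == SHA1 and 0x08 == SHA256 are the RFC 2440 ids quoted in the mail; 0x01 is the
# RFC 2440 id for MD5, listed here only so that existing MD5 values can still be verified.
DIGESTS = {
    "MD5":    (0x01, "md5", False),
    "SHA":    (0x02, "sha1", True),
    "SHA256": (0x08, "sha256", True),
}
TAG_BY_ID = {spec[0]: tag for tag, spec in DIGESTS.items()}
DEFAULT = "SHA256"  # what new values are written with; change this one line to migrate again

def _raw(tag: str, data: bytes) -> bytes:
    """Compute the digest named by tag, or raise KeyError for an unknown tag."""
    return hashlib.new(DIGESTS[tag][1], data).digest()

def _check_emittable(tag: str) -> None:
    """Refuse to write new values with a digest that is kept for verification only."""
    if not DIGESTS[tag][2]:
        raise ValueError(f"{tag} is accepted for verification only, not for new values")

def make_text(data: bytes, tag: str = DEFAULT) -> str:
    """Textual form 'TAG:hex', e.g. 'SHA256:5e88...'."""
    _check_emittable(tag)
    return f"{tag}:{_raw(tag, data).hex()}"

def make_binary(data: bytes, tag: str = DEFAULT) -> bytes:
    """Binary form: one OpenPGP algorithm-id byte followed by the raw digest."""
    _check_emittable(tag)
    return bytes([DIGESTS[tag][0]]) + _raw(tag, data)

def verify_text(value: str, data: bytes) -> bool:
    """True if value is a known 'TAG:hex' form (either hex case) whose digest matches data."""
    tag, sep, hexdigest = value.partition(":")
    if not sep or tag not in DIGESTS:
        return False  # untagged or unknown digest: never guess the algorithm from the length
    try:
        expected = bytes.fromhex(hexdigest)
    except ValueError:
        return False
    return hmac.compare_digest(expected, _raw(tag, data))

def verify_binary(blob: bytes, data: bytes) -> bool:
    """True if blob is a known id byte followed by a digest that matches data."""
    if not blob or blob[0] not in TAG_BY_ID:
        return False
    return hmac.compare_digest(blob[1:], _raw(TAG_BY_ID[blob[0]], data))
```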