Date: Fri, 14 Feb 1997 11:28:22 -0700
From: Warner Losh <imp@village.org>
To: Nate Williams <nate@mt.sri.com>
Cc: security@freebsd.org
Subject: Re: blowfish passwords in FreeBSD
Message-ID: <E0vvSMx-0002qb-00@rover.village.org>
In-Reply-To: Your message of "Fri, 14 Feb 1997 11:04:14 MST." <199702141804.LAA00515@rocky.mt.sri.com>
References: <199702141804.LAA00515@rocky.mt.sri.com> <E0vvHbl-00026f-00@rover.village.org>

In message <199702141804.LAA00515@rocky.mt.sri.com> Nate Williams writes:
: I think DES and MD5 are enough in the default distribution. You *can*
: have too much of a good thing, and it hasn't been shown that MD5 is
: breakable, and DES is only for backwards compatibility.

The main motivation for doing this in OpenBSD was Theo knowing people
that had broken MD5. He further asserts that many of his friends are
able to break the MD5 passwords easily by brute force. Mostly due to
the small salt space that made huge dictionary attacks possible.

: Trying to support 3 encryption routines is like trying to support three
: init routines. :)

Well, that's true. We should relegate MD5 to the scrap heap then :-).

Actually, one of the features of the new stuff is a HUGE salt space
that makes it impossible to store a dictionary on anything short of a
multiple terabyte media.

Warner