From owner-freebsd-security Sat Feb 15 04:15:50 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id EAA18726 for security-outgoing; Sat, 15 Feb 1997 04:15:50 -0800 (PST) Received: from mexico.brainstorm.eu.org (root@mexico.brainstorm.fr [193.56.58.253]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id EAA18703 for ; Sat, 15 Feb 1997 04:15:43 -0800 (PST) Received: from brasil.brainstorm.eu.org (brasil.brainstorm.fr [193.56.58.33]) by mexico.brainstorm.eu.org (8.8.4/8.8.4) with ESMTP id NAA10310 for ; Sat, 15 Feb 1997 13:15:32 +0100 Received: (from uucp@localhost) by brasil.brainstorm.eu.org (8.8.4/8.6.12) with UUCP id NAA28908 for freebsd-security@freebsd.org; Sat, 15 Feb 1997 13:14:43 +0100 Received: (from roberto@localhost) by keltia.freenix.fr (8.8.5/keltia-uucp-2.9) id KAA26000; Sat, 15 Feb 1997 10:41:11 +0100 (CET) Message-ID: <19970215104111.CY55466@keltia.freenix.fr> Date: Sat, 15 Feb 1997 10:41:11 +0100 From: roberto@keltia.freenix.fr (Ollivier Robert) To: freebsd-security@FreeBSD.ORG Subject: Re: blowfish passwords in FreeBSD References: <199702142048.VAA08594@bengt> X-Mailer: Mutt 0.60,1-3,9 Mime-Version: 1.0 X-Operating-System: FreeBSD 3.0-CURRENT ctm#2999 In-Reply-To: ; from Aleph One on Feb 14, 1997 18:05:28 -0600 Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk According to Aleph One: > Well pseudo-collision have been found in MD5. It has also been estimated > that for 10 million 1994 dollars you could build a collision search > machine that could find a collision in 24 days on average. Of curse this > doesnt mean much to anyone using MD5 for their passwords. For 10 million There is a good description of RIPEMD-160 in the DDJ on compression / encryption. Seems to be a good algorithm. -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.freenix.fr FreeBSD keltia.freenix.fr 3.0-CURRENT #39: Sun Feb 2 22:12:44 CET 1997