From owner-freebsd-security  Sat Feb 15 07:09:27 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id HAA27680
          for security-outgoing; Sat, 15 Feb 1997 07:09:27 -0800 (PST)
Received: from rover.village.org (rover.village.org [204.144.255.49])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id HAA27675
          for <security@freebsd.org>; Sat, 15 Feb 1997 07:09:23 -0800 (PST)
Received: from rover.village.org [127.0.0.1] 
	by rover.village.org with esmtp (Exim 0.56 #1)
	id E0vvljp-0004WN-00; Sat, 15 Feb 1997 08:09:17 -0700
To: Stephen Fisher <lithium@cia-g.com>
Subject: Re: blowfish passwords in FreeBSD 
Cc: security@freebsd.org
In-reply-to: Your message of "Sat, 15 Feb 1997 00:18:41 MST."
		<Pine.BSI.3.95.970215001754.17869C-100000@maslow.cia-g.com> 
References: <Pine.BSI.3.95.970215001754.17869C-100000@maslow.cia-g.com>  
Date: Sat, 15 Feb 1997 08:09:17 -0700
From: Warner Losh <imp@village.org>
Message-Id: <E0vvljp-0004WN-00@rover.village.org>
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In message <Pine.BSI.3.95.970215001754.17869C-100000@maslow.cia-g.com> Stephen Fisher writes:
: Where has this been used before though?  MD5 and especially DES have been
: time proven and tested and white papers have been written, and people have
: studied them to death already.

I don't have the references.

However, reports have come in that brute force has cracked 40 and 48
bit keys in less than a month.  Next stop 56 bit keys :-).

Warner