From owner-freebsd-security  Tue Jun 15 13:55:20 1999
Delivered-To: freebsd-security@freebsd.org
Received: from 001101.zer0.org (001101.zer0.org [206.24.105.163])
	by hub.freebsd.org (Postfix) with ESMTP id DBAF9155D3
	for <freebsd-security@FreeBSD.ORG>; Tue, 15 Jun 1999 13:55:16 -0700 (PDT)
	(envelope-from gsutter@001101.zer0.org)
Received: (from gsutter@localhost)
	by 001101.zer0.org (8.9.2/8.9.2) id NAA75476;
	Tue, 15 Jun 1999 13:50:03 -0700 (PDT)
	(envelope-from gsutter)
Date: Tue, 15 Jun 1999 13:50:03 -0700
From: Gregory Sutter <gsutter@pobox.com>
To: Poul-Henning Kamp <phk@critter.freebsd.dk>
Cc: Warner Losh <imp@harmony.village.org>, Holtor <holtor@yahoo.com>,
	freebsd-security@FreeBSD.ORG
Subject: Re: DES & MD5?
Message-ID: <19990615135003.U37775@001101.zer0.org>
References: <199906150643.AAA90605@harmony.village.org> <5182.929429344@critter.freebsd.dk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.4i
In-Reply-To: <5182.929429344@critter.freebsd.dk>; from Poul-Henning Kamp on Tue, Jun 15, 1999 at 08:49:04AM +0200
Organization: Zer0
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, Jun 15, 1999 at 08:49:04AM +0200, Poul-Henning Kamp wrote:
> 
> Uhm, sorry Warner, but that is not true.  A brute force attack on
> MD5 is many orders of magnitude slower than on DES.

At USENIX, Niels Provos and David Mazieres presented a paper entitled
"A Future-Adaptable Password Scheme", in which they described two 
algorithms with adaptable cost, including a block cipher _eksblowfish_
and _bcrypt_, a related hash function.  In the paper, they have a 
comparison graph of traditional/bitsliced DES, MD5, and bcrypt (Figure
5).  In summary, the graph shows bcrypt to be over 10^1 times slower
than MD5 and many orders of magnitude slower than DES.  MD5 is itself
many orders of magnitude slower than DES, but has a fixed cost.

FTR, bcrypt supports a variable number of rounds so that it will be
adaptable and secure as hardware speeds increase.  I left the
presentation very impressed with the work. 

Greg
-- 
Gregory S. Sutter              If ignorance is bliss, you must be orgasmic.
mailto:gsutter@pobox.com
http://www.pobox.com/~gsutter/
PGP DSS public key 0x40AE3052


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message