Date: Thu, 28 Jan 2010 15:10:26 -0500
From: Bill Moran
To: Chris Palmer
Cc: freebsd-security@freebsd.org
Subject: Re: PHK's MD5 might not be slow enough anymore
Message-Id: <20100128151026.5738b6c1.wmoran@collaborativefusion.com>
In-Reply-To: <20100128193941.GK892@noncombatant.org>

In response to Chris Palmer:

> Bill Moran writes:
>
> > I'm sure someone will correct me if I'm wrong, but you can't do this
> > without establishing this as an entirely new algorithm. The hashes
> > generated after your patch will not be compatible with existing password
> > files, thus anyone who applies this will be unable to log in. Have you
> > tried it?

> Since there is 0 cost for people installing
> fresh, there is no reason not to do it.

Are you volunteering to handle all the complaints from all the people
who want to upgrade their systems without reinstalling?

This would also introduce a complete incompatibility between systems.
I, for one, frequently copy password files from one system to another.
I expect $1$ to be compatible on all systems.

If a new algorithm is to be used, why even start with md5? Why not
start with something that's inherently stronger and more CPU intensive?

From there, assign it a new algorithm number. See the "Modular Crypt"
section of crypt(3). Then compatibility is maintained.

-- 
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~wmoran/
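The "Modular Crypt" dispatch referred to in the message above, as an added example that is not part of the original e-mail or of FreeBSD's code: it classifies password-file entries by their `$id$` prefix, showing how `$1$` hashes coexist with hashes under a new id. The id table goes beyond the `$1$` named in the message and lists other commonly documented crypt(3) ids; the function names, the sample entries (filler hash fields) and the choice of `sha512` as the preferred scheme are assumptions.

```python
# Added example (not FreeBSD code): dispatch on the Modular Crypt scheme id.
# The table lists commonly documented crypt(3) ids; the sample entries are
# constructed and their hash fields are filler, not real digests.
SCHEMES = {"1": "md5", "2": "blowfish", "2a": "blowfish", "2b": "blowfish",
           "2y": "blowfish", "3": "nthash", "5": "sha256", "6": "sha512"}


def scheme_of(field):
    """Return the scheme name for one password-file hash field."""
    if not field or field[0] in "*!":
        return "locked"            # no usable hash, e.g. "*" or "*LOCKED*..."
    if not field.startswith("$"):
        return "des"               # traditional crypt has no "$id$" prefix
    parts = field.split("$")       # "$1$salt$hash" -> ["", "1", "salt", "hash"]
    if len(parts) < 4:
        return "malformed"
    return SCHEMES.get(parts[1], "unknown:" + parts[1])


def audit(passwd_lines, preferred):
    """Group users by scheme and list accounts not yet on `preferred`."""
    by_scheme, rehash = {}, []
    for line in passwd_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        user, _, rest = line.partition(":")
        scheme = scheme_of(rest.split(":", 1)[0])
        by_scheme.setdefault(scheme, []).append(user)
        # Old hashes still verify because the id selects the algorithm;
        # they only need replacing at the next password change.
        if scheme not in (preferred, "locked"):
            rehash.append(user)
    return by_scheme, rehash


SAMPLE = """\
# constructed master.passwd-style entries
root:$6$c29tZXNhbHQ$FILLERFILLERFILLER:0:0::0:0:Charlie &:/root:/bin/csh
alice:$1$abcdefgh$FILLERFILLERFILLERFILL:1001:1001::0:0:Alice:/home/alice:/bin/sh
bob:$2a$04$FILLERFILLERFILLERFILLERFILLERFILLER:1002:1002::0:0:Bob:/home/bob:/bin/sh
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
carol:$9$newsalt$FILLER:1003:1003::0:0:Carol:/home/carol:/bin/sh
""".splitlines()

if __name__ == "__main__":
    schemes, todo = audit(SAMPLE, "sha512")  # preferred scheme is an assumption
    print(schemes)
    print("rehash at next password change:", todo)
```

An id missing from the table is reported as `unknown:<id>` rather than guessed at, which is what a system without the new algorithm would face when a password file is copied to it.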