From owner-freebsd-security  Tue Nov 17 04:02:42 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id EAA00587
          for freebsd-security-outgoing; Tue, 17 Nov 1998 04:02:42 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from rgate.ricochet.net (rgate1.ricochet.net [204.179.143.6])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA00545
          for <freebsd-security@FreeBSD.ORG>; Tue, 17 Nov 1998 04:02:37 -0800 (PST)
          (envelope-from enkhyl@scient.com)
Received: from mg131-085.ricochet.net (mg131-085.ricochet.net [204.179.131.85])
	by rgate.ricochet.net (8.8.8/8.8.8) with ESMTP id FAA01582;
	Tue, 17 Nov 1998 05:42:12 -0600 (CST)
Date: Tue, 17 Nov 1998 03:40:28 -0800 (PST)
From: Christopher Nielsen <enkhyl@scient.com>
X-Sender: enkhyl@ender.sf.scient.com
Reply-To: enkhyl@hayseed.net
To: Poul-Henning Kamp <phk@critter.freebsd.dk>
cc: Fernando Schapachnik <fpscha@ns1.sminter.com.ar>,
        Thomas Valentino Crimi <tcrimi+@andrew.cmu.edu>, tlambert@primenet.com,
        freebsd-security@FreeBSD.ORG
Subject: Re: Would this make FreeBSD more secure? 
In-Reply-To: <23903.911243692@critter.freebsd.dk>
Message-ID: <Pine.BSF.4.05.9811170338120.845-100000@ender.sf.scient.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=X-UNKNOWN
Content-Transfer-Encoding: 8BIT
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Mon, 16 Nov 1998, Poul-Henning Kamp wrote:

> Date: Mon, 16 Nov 1998 20:14:52 +0100
> From: Poul-Henning Kamp <phk@critter.freebsd.dk>
> To: Fernando Schapachnik <fpscha@ns1.sminter.com.ar>
> Cc: Thomas Valentino Crimi <tcrimi+@andrew.cmu.edu>, tlambert@primenet.com,
     freebsd-security@FreeBSD.ORG
> Subject: Re: Would this make FreeBSD more secure? 
> 
> In message <199811161811.PAA01939@ns1.sminter.com.ar>, Fernando Schapachnik writes:
> >En un mensaje anterior, Thomas Valentino Crimi escribió:
> >[...]
> >>   And then we have md5 passwords, arguably broken, now, but orders of
> >> magnitudes better than DES.
> >
> >Broken? I'm using them with no problem. What do you mean?
> 
> He means that he hasn't understood the first law of cryptography:
> 
>     "No cipher is unbreakable, it's all a question about time & effort"
> 
> Given sufficient resources you can brute-force any encryption or
> scrambling.
> 
> MD5 scambled passwords are not even close to being broken, for any
> value of broken worth talking about.

Sorry to be pedantic, but your statement is true of all ciphers except
one-time pads. A one-time pad can never be broken without the encryption
key, no matter how much time and effort you expend. Of course, one-time
pads aren't exactly practical from a key management perspective.

-- 
Christopher Nielsen
Scient: The eBusiness Systems Innovator
<http://www.scient.com>
cnielsen@scient.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message