From: Paul Herman
To: Bill Vermillion
Cc: security@FreeBSD.ORG
Date: Sat, 5 Jan 2002 18:28:48 -0800 (PST)
Subject: Blowfish salt generation (was Re: MS5 salt password generation)
Message-Id: <200201060228.g062SmL41195@tick.sc.omation.com>
In-Reply-To: <20020105224539.GA38820@wjv.com>

On Sat, 5 Jan 2002, Bill Vermillion wrote:

> Blowfish encrypted:
>
> fp:$2a$04$.d4.6FZpPIj9GC6DRIRDUuJhPWGP059OmLP2IxSgTQ11LWHVGxxbu:1007:1007::0:0:Bogus Name:/home/fp:/bin/ksh93
>
> [...]
>
> So MD5 uses a much larger salt, but blowfish generates a much
> longer encrypted key, 52 vs 22. I have no docs but >if< the salt is
> only 2 characters in blowfish - assuming it works as does MD5

Use the source, Luke! See /usr/src/secure/lib/libcrypt

The "04" in the blowfish password is the number of iterations used to generate the hash (actually on the order of 2^4). The cool thing is you can change this "on the fly" without having to recompile libcrypt. Change that and you've just increased the time it would take to do a dictionary attack.
The default (and the minimum) is 4, but could be anything. The blowfish salt is included in the hash and stops with the 23rd character. So, the salt above is ".d4.6FZpPIj9GC6DRIRDUuJ" which is about 16 bytes. The rest is the password hash.

So, the blowfish salt is indeed larger than MD5's, which I believe is only 6 bytes.

-Paul.
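As an added example (not code from the thread and not FreeBSD's libcrypt), the following Python pulls apart the two formats being compared. A bcrypt string is "$2a$" + two-digit cost + "$" + 22 characters of salt + 31 characters of hash, where the cost is log2 of the Blowfish key-setup rounds and the salt decodes, with bcrypt's own "./A-Za-z0-9" base64 alphabet, to 16 bytes. An MD5-crypt string is "$1$" + a salt of up to 8 characters + "$" + 22 characters of hash. The bcrypt string used is the one from Bill's passwd line; the MD5-crypt string is constructed to have the right shape only and is not the hash of any real password.

```python
"""Split the modular-crypt strings discussed in the thread into fields.

bcrypt:    $2a$<cost>$<22 chars salt><31 chars hash>
MD5-crypt: $1$<salt, up to 8 chars>$<22 chars hash>

Added example, not FreeBSD libcrypt code.
"""
import re

# bcrypt's base64 alphabet differs from RFC 4648: it starts with "./",
# uses no "=" padding, and the index of a character is its 6-bit value.
BCRYPT_ALPHABET = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"

_BCRYPT_RE = re.compile(
    r"^\$(?P<version>2[abxy]?)\$(?P<cost>\d{2})\$"
    r"(?P<salt>[./A-Za-z0-9]{22})(?P<hash>[./A-Za-z0-9]{31})$"
)
_MD5_RE = re.compile(r"^\$1\$(?P<salt>[^$]{0,8})\$(?P<hash>[./A-Za-z0-9]{22})$")


def bcrypt_b64decode(text: str) -> bytes:
    """Decode bcrypt base64: standard bit layout, custom alphabet, no padding."""
    out = bytearray()
    for i in range(0, len(text), 4):
        group = [BCRYPT_ALPHABET.index(c) for c in text[i:i + 4]]
        bits = 0
        for v in group:
            bits = (bits << 6) | v
        nbytes = len(group) * 6 // 8          # 4 chars -> 3 bytes, 2 chars -> 1 byte
        bits >>= len(group) * 6 - nbytes * 8  # drop the trailing padding bits
        out += bits.to_bytes(nbytes, "big")
    return bytes(out)


def bcrypt_b64encode(data: bytes) -> str:
    """Inverse of bcrypt_b64decode; 16 salt bytes become 22 characters.

    22 chars carry 132 bits, so the last character holds only 2 salt bits
    and 4 padding bits, which is why the salt is 22 characters, not 21 or 23.
    """
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        bits = int.from_bytes(chunk, "big") << (8 * (3 - len(chunk)))
        nchars = (len(chunk) * 8 + 5) // 6    # ceil(bits_in_chunk / 6)
        for j in range(nchars):
            out.append(BCRYPT_ALPHABET[(bits >> (18 - 6 * j)) & 0x3F])
    return "".join(out)


def parse_bcrypt(s: str) -> dict:
    """Split a $2a$ string; the cost field is log2 of the key-setup rounds."""
    m = _BCRYPT_RE.match(s)
    if not m:
        raise ValueError("not a bcrypt string")
    cost = int(m["cost"])
    if not 4 <= cost <= 31:                   # range the bcrypt format allows
        raise ValueError("bcrypt cost must be between 4 and 31")
    return {
        "version": m["version"],
        "cost": cost,
        "rounds": 1 << cost,                  # "04" means 2^4 = 16 rounds
        "salt": m["salt"],
        "salt_bytes": bcrypt_b64decode(m["salt"]),
        "hash": m["hash"],
    }


def parse_md5crypt(s: str) -> dict:
    """Split a $1$ string; the salt is whatever sits before the third '$'."""
    m = _MD5_RE.match(s)
    if not m:
        raise ValueError("not an MD5-crypt string")
    return {"salt": m["salt"], "hash": m["hash"]}


# From Bill's passwd line in the thread.
BILL_BCRYPT = "$2a$04$.d4.6FZpPIj9GC6DRIRDUuJhPWGP059OmLP2IxSgTQ11LWHVGxxbu"
# Constructed to have the right shape only; not the hash of any password.
CONSTRUCTED_MD5 = "$1$zx8yQ2Wq$Yq0kL3mNp7RsT9uVwXbCdE"

if __name__ == "__main__":
    b = parse_bcrypt(BILL_BCRYPT)
    print("bcrypt cost %d -> %d rounds, salt %r = %d bytes, hash %d chars"
          % (b["cost"], b["rounds"], b["salt"], len(b["salt_bytes"]), len(b["hash"])))
    m5 = parse_md5crypt(CONSTRUCTED_MD5)
    print("md5crypt salt %r = %d chars" % (m5["salt"], len(m5["salt"])))
```

Raising the cost by one doubles the `rounds` value, and so doubles the work per guess for both the legitimate login and the dictionary attacker; the hash string records the cost, so hashes made at different costs can coexist in the same password file.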