Date:      Sun, 10 Jun 2012 15:13:25 -0400
From:      Matt Piechota <piechota@argolis.org>
To:        freebsd-security@freebsd.org
Subject:   Re: Default password hash
Message-ID:  <4FD4F1D5.9090900@argolis.org>
In-Reply-To: <6E26E03B-8D1D-44D3-B94E-0552BE5CA894@FreeBSD.org>
References:  <86r4tqotjo.fsf@ds4.des.no> <6E26E03B-8D1D-44D3-B94E-0552BE5CA894@FreeBSD.org>


On 06/10/2012 06:02 AM, Simon L. B. Nielsen wrote:
> Has anyone looked at how long the SHA512 password hashing actually 
> takes on modern computers? The "real" solution for people who care 
> significantly about this seems something like the algorithm pjd 
> implemented (I think he did it at least) for GELI, where the number of 
> rounds is variable and calculated so it takes X/0.X seconds on the 
> specific hardware used. That's of course a lot more complicated, and 
> I'm not sure if it would work with the crypt() API. 

I'm kinda curious about this: I take it you'd encode the number of 
rounds in the string somehow? Otherwise, the hash wouldn't be portable 
to another machine (or even if you upgrade the current machine).

-- 
Matt Piechota
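
Added example, not part of the original message or of FreeBSD's crypt() code: a sketch of the idea discussed above, where the round count is calibrated to the hashing machine's speed and stored inside the hash string so that any other machine can still verify it. The `$example-pbkdf2-sha512$` tag, the field layout, `MAX_ROUNDS` and all function names are assumptions made for illustration, and PBKDF2 stands in for whichever algorithm would actually be chosen.

```python
import base64, hashlib, hmac, os, time

PREFIX = "$example-pbkdf2-sha512$"   # constructed scheme tag, not a real crypt(3) id
MAX_ROUNDS = 10_000_000              # assumed cap so a tampered entry cannot stall login

def calibrate(target_seconds=0.1, probe=20000):
    """Pick a round count that takes roughly target_seconds on this machine."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha512", b"probe", b"salt", probe)
    elapsed = time.perf_counter() - start
    return min(MAX_ROUNDS, max(probe, int(probe * target_seconds / elapsed)))

def hash_password(password, rounds, salt=None):
    """Return a self-describing string: tag, rounds, salt, digest."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, rounds)
    return "{}rounds={}${}${}".format(
        PREFIX, rounds,
        base64.b64encode(salt).decode(), base64.b64encode(digest).decode())

def parse(stored):
    """Recover (rounds, salt, digest) from the string alone."""
    if not stored.startswith(PREFIX):
        raise ValueError("unknown scheme")
    rounds_field, salt_b64, digest_b64 = stored[len(PREFIX):].split("$")
    key, _, value = rounds_field.partition("=")
    if key != "rounds" or not value.isdigit() or not 1 <= int(value) <= MAX_ROUNDS:
        raise ValueError("bad rounds field")
    return int(value), base64.b64decode(salt_b64), base64.b64decode(digest_b64)

def verify(password, stored):
    """Verify using the rounds recorded in the string, not this machine's calibration."""
    rounds, salt, expected = parse(stored)
    actual = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, rounds)
    return hmac.compare_digest(actual, expected)

def needs_rehash(stored, current_rounds):
    """True when the entry was created with fewer rounds than today's calibration."""
    return parse(stored)[0] < current_rounds

if __name__ == "__main__":
    old = hash_password("correct horse", 1000)      # entry made on a slower machine
    now = calibrate()
    print(old, verify("correct horse", old), needs_rehash(old, now))
```

Because the round count travels with the hash, an entry created on one machine verifies unchanged on another, and `needs_rehash` marks entries that can be upgraded the next time the user logs in successfully.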
