Date:      Thu, 28 Jan 2010 12:22:45 -0800
From:      Chuck Swiger <cswiger@mac.com>
To:        Bill Moran <wmoran@collaborativefusion.com>
Cc:        Chris Palmer <chris@noncombatant.org>, freebsd-security@freebsd.org
Subject:   Re: PHK's MD5 might not be slow enough anymore
Message-ID:  <765BF30E-49B7-4EDB-A1FC-41D72AEE1EAA@mac.com>
In-Reply-To: <20100128151026.5738b6c1.wmoran@collaborativefusion.com>
References:  <20100128182413.GI892@noncombatant.org> <20100128135410.7b6fe154.wmoran@collaborativefusion.com> <20100128193941.GK892@noncombatant.org> <20100128151026.5738b6c1.wmoran@collaborativefusion.com>

Hi--

On Jan 28, 2010, at 12:10 PM, Bill Moran wrote:
> This would also introduce a complete incompatibility between systems.
> I, for one, frequently copy password files from one system to another.
> I expect $1$ to be compatible on all systems.

Exactly.  Just like classic DES passwords were portable to all platforms.

> If a new algorithm is to be used, why even start with md5?  Why not
> start with something that's inherently stronger and more CPU intensive?
>
> From there, assign it a new algorithm number.  See the "Modular Crypt"
> section of crypt(3).  Then compatibility is maintained.

+1.  We're probably fine with MD5 password hashes against all but extreme measures for some time to come, but adding SHA-1 and being ready for whatever algorithm(s) might be chosen by NIST for SHA-3 would be a fine thing to do.

Regards,
-- 
-Chuck
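
The modular crypt prefix discussed above makes every stored hash self-describing, which is why a password file can mix algorithms and still be copied between systems. The sketch below is an added example, not part of the original message or of FreeBSD's code: it classifies the password field of master.passwd-style lines by scheme so accounts still on `$1$` can be listed. Only the `$1$` id comes from the thread; the other ids and the sample lines are assumptions.

```python
import re

# "1" (MD5) is the id named in the thread. The other ids are assumptions taken
# from common crypt(3) implementations and are not present on every system.
SCHEMES = {"1": "md5", "2": "blowfish", "2a": "blowfish", "2b": "blowfish",
           "5": "sha256", "6": "sha512"}
MCF = re.compile(r"^\$([A-Za-z0-9-]+)\$")   # leading $id$ of a modular crypt string
DES = re.compile(r"^[./0-9A-Za-z]{13}$")    # classic DES: 2 salt + 11 hash chars

def classify(field):
    """Return the scheme name for one password field."""
    if field == "":
        return "empty"
    m = MCF.match(field)
    if m:
        # Unknown ids are reported, not guessed: a system lacking that
        # algorithm could not verify the hash.
        return SCHEMES.get(m.group(1), "unknown:" + m.group(1))
    if DES.match(field):
        return "des"
    return "locked-or-invalid"              # "*", "*LOCKED*...", "!" and similar

def audit(passwd_text):
    """Map scheme name -> list of users for colon-separated passwd text."""
    result = {}
    for line in passwd_text.splitlines():
        parts = line.split(":")
        if line.startswith("#") or len(parts) < 2:
            continue
        result.setdefault(classify(parts[1]), []).append(parts[0])
    return result

# Constructed sample; salts and hash bodies are placeholders, not real hashes.
SAMPLE = """\
# user:password-field:uid
alice:$1$saltsalt$AAAAAAAAAAAAAAAAAAAAAA:1001
bob:$6$saltsalt$BBBBBBBB:1002
carol:abXXXXXXXXXXX:1003
dave:*:1004
erin:$9$salt$CCCC:1005
"""

if __name__ == "__main__":
    for scheme, users in sorted(audit(SAMPLE).items()):
        print(scheme, users)
```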



