From owner-freebsd-security Fri Jul 26 07:27:39 1996
From: Nathan Lawson
Message-Id: <199607261427.HAA02418@kdat.calpoly.edu>
Subject: Re: Crack 4.1 patches for FBSD
To: phk@critter.tfs.com (Poul-Henning Kamp)
Date: Fri, 26 Jul 1996 07:27:37 -0700 (PDT)
Cc: freebsd-security@freebsd.org
In-Reply-To: <2328.838369704@critter.tfs.com> from "Poul-Henning Kamp" at Jul 26, 96 10:28:24 am
X-Mailer: ELM [version 2.4 PL23]

> >> Here is beta 1 of the changes I have done to Crack 4.1 in order to
> >> make it work with master.passwd (md5) style passwords. Patch from crack/
> >
> >I wouldn't bother. I spoke with Alec Moffet today at the USENIX security
> >conference. Crack 5.0 is due out in 6 (or so) weeks. He said it was a
> >complete rewrite, and he has substantially changed the handling of
> >different password file formats.
>
> Any news on any attacks on our MD5 based passwords ?

The only problem I see with them is that MD5 is so darn quick that your
number of crypts goes way up even with the present number of iterations.
The DES hash used in most Unices was designed to be slow (originally taking
1 second per crypt on a VAX 11/780), but that fell prey to optimization and
exponential CPU speed increases.

Perhaps some intermediate permutations between hashes might be appropriate,
but I'd consider the algorithm very carefully as it is very easy to end up
with something that is no slower than the original and significantly less
secure.

--
Nate Lawson                "There are a thousand hacking at the branches of
CPE Senior                  evil to one who is striking at the root."
CSL Admin                       -- Henry David Thoreau, 'Walden', 1854
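As an added illustration of the iteration idea discussed above (this is not part of the original message, nor code from Crack or FreeBSD), the following Python measures how much a chained, salted MD5 lowers per-guess throughput relative to a single MD5, which is the knob a defender tunes when choosing a round count. Function names, the sample password/salt and the round counts are constructed for this example.

```python
import hashlib
import hmac
import time


def stretched_md5(password: bytes, salt: bytes, rounds: int) -> str:
    """Salted MD5 with `rounds` chained iterations; returns a hex digest.

    Every round re-absorbs the salt, the password and the round index, so
    each step still depends on the secret and on the per-user salt; the
    chain cannot be precomputed once and reused across users.
    """
    if rounds < 1:
        raise ValueError("rounds must be at least 1")
    digest = hashlib.md5(salt + password).digest()
    for i in range(1, rounds):
        digest = hashlib.md5(digest + salt + password + i.to_bytes(4, "big")).digest()
    return digest.hex()


def verify(password: bytes, salt: bytes, rounds: int, stored_hex: str) -> bool:
    """Constant-time comparison of a candidate against a stored digest."""
    return hmac.compare_digest(stretched_md5(password, salt, rounds), stored_hex)


def hashes_per_second(rounds: int) -> float:
    """Measure single-core throughput of the hash at a given round count.

    The sample count shrinks as rounds grow so each measurement stays short.
    """
    pw, salt = b"constructed-password", b"constructed-salt"  # constructed inputs
    samples = max(50, 20000 // rounds)
    t0 = time.perf_counter()
    for _ in range(samples):
        stretched_md5(pw, salt, rounds)
    return samples / (time.perf_counter() - t0)


def slowdown_factor(rounds: int) -> float:
    """How many times fewer guesses per second a given round count allows versus plain MD5."""
    return hashes_per_second(1) / hashes_per_second(rounds)


if __name__ == "__main__":
    for r in (1, 100, 1000):
        print(f"rounds={r:5d}  ~{hashes_per_second(r):12.0f} hashes/s")
    print(f"1000 rounds cost about {slowdown_factor(1000):.0f}x a single MD5")
```

The measured factor is what a defender compares against the machine's expected cracking throughput when picking a round count; the comments in `stretched_md5` note why each round must keep mixing in the salt and password rather than just rehashing the previous digest.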