From owner-freebsd-security Fri Jul 26 11:32:21 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA14456 for security-outgoing; Fri, 26 Jul 1996 11:32:21 -0700 (PDT) Received: from critter.tfs.com ([140.145.230.177]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA14440; Fri, 26 Jul 1996 11:32:16 -0700 (PDT) Received: from critter.tfs.com (localhost.tfs.com [127.0.0.1]) by critter.tfs.com (8.7.5/8.7.3) with ESMTP id UAA02869; Fri, 26 Jul 1996 20:32:34 +0200 (MET DST) To: Nathan Lawson cc: freebsd-security@freebsd.org Subject: Re: Crack 4.1 patches for FBSD In-reply-to: Your message of "Fri, 26 Jul 1996 07:27:37 PDT." <199607261427.HAA02418@kdat.calpoly.edu> Date: Fri, 26 Jul 1996 20:32:34 +0200 Message-ID: <2867.838405954@critter.tfs.com> From: Poul-Henning Kamp Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >> Any news on any attacks on our MD5 based passwords ? > >The only problem I see with them is that MD5 is so darn quick, your number >of crypts goes way up even with the present number of iterations. The DES >hash used in most Unicen was desigend to be slow (originally taking 1 second >per crypt on a VAX 11/780), but that fell prey to optimization and exponential >CPU speed increases. > >Perhaps some intermediate permutations between hashes might be appropriate, >but I'd consider the algorithm very carefully as it is very easy to end up >with something that is no slower than the original and significantly less >secure. Have you actually timed them ? Have you actually looked at the code that generates the MD5 passwords in FreeBSD ? It sounds to me like you havn't... -- Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. whois: [PHK] | phk@ref.tfs.com TRW Financial Systems, Inc. Future will arrive by its own means, progress not so.