From owner-freebsd-security@FreeBSD.ORG Sun Jun 10 23:24:09 2012 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E56F71065677 for ; Sun, 10 Jun 2012 23:24:09 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-wg0-f50.google.com (mail-wg0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 6FE478FC21 for ; Sun, 10 Jun 2012 23:24:09 +0000 (UTC) Received: by wgbds11 with SMTP id ds11so2605217wgb.31 for ; Sun, 10 Jun 2012 16:24:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; bh=Q3+WYJYCayFWkafgbHghO9FAuym7c27ZvlO9ko1q8Tg=; b=bpAaLm72RUuhYAthFpPilHbpWgrK8X4q/nfSGkEAPw2cR95dr7UiSaXyrlLAiM7F68 aGwP0JH3xhM1dOfHYEKInd1Fu/LT2JM/J/5FVX/5/QhBNUucrHK+tjqx5k4AOY0uU4ar OTVhl0vjDhIxvvl5NZW+K+OXngrwpV3b/g9UTq9v4JTWEEC3rM8//ksHFSzDTPtDdc1p X0KeeXhH2LCBzywSoMWasXR6Ax0oydlPwdJYhzlAqaiokJ5zIrppzfRKHGsCnzepNKlH TDbJ5TXP6XirRMs5+tsI9WItzzZ9zc8kf0df3BW2KpLmRFROGWYGxzZNnUNzCWTgGkLe lGEw== Received: by 10.216.134.145 with SMTP id s17mr5204997wei.22.1339370645854; Sun, 10 Jun 2012 16:24:05 -0700 (PDT) Received: from gumby.homeunix.com (87-194-105-247.bethere.co.uk. [87.194.105.247]) by mx.google.com with ESMTPS id n6sm32185959wie.7.2012.06.10.16.24.04 (version=SSLv3 cipher=OTHER); Sun, 10 Jun 2012 16:24:05 -0700 (PDT) Date: Mon, 11 Jun 2012 00:24:02 +0100 From: RW To: freebsd-security@freebsd.org Message-ID: <20120611002402.088b2f74@gumby.homeunix.com> In-Reply-To: References: X-Mailer: Claws Mail 3.8.0 (GTK+ 2.24.6; amd64-portbld-freebsd8.3) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: blf uses only 2^4 round for passwd encoding?! [Re: Default password hash] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Jun 2012 23:24:10 -0000 On Mon, 11 Jun 2012 00:37:30 +0200 Oliver Pinter wrote: > 16 rounds in 2012? It is not to weak?! It's hard to say. Remember that blowfish was designed as a cipher not a hash. It's designed to be fast, but to still resist known plaintext attacks at the beginning of the ciphertext. It was also designed to work directly with a passphrase because there was a history of programmers abusing DES by using simple ascii passwords as keys. For these reasons initialization is deliberately expensive, effectively it already contains an element of passphrase hashing.