From owner-freebsd-security  Fri Feb 23  5:43:31 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mail.wlcg.com (mail.wlcg.com [207.226.17.4])
	by hub.freebsd.org (Postfix) with ESMTP id 1190737B4EC
	for <freebsd-security@freebsd.org>; Fri, 23 Feb 2001 05:43:29 -0800 (PST)
	(envelope-from rsimmons@wlcg.com)
Received: from localhost (rsimmons@localhost)
	by mail.wlcg.com (8.11.2/8.11.2) with ESMTP id f1NDhhx15072;
	Fri, 23 Feb 2001 08:43:43 -0500 (EST)
	(envelope-from rsimmons@wlcg.com)
Date: Fri, 23 Feb 2001 08:43:43 -0500 (EST)
From: Rob Simmons <rsimmons@wlcg.com>
To: Kris Kennaway <kris@obsecurity.org>
Cc: <freebsd-security@freebsd.org>
Subject: Re: RIPEMD-160
In-Reply-To: <20010222203526.A13606@mollari.cthul.hu>
Message-ID: <Pine.BSF.4.33.0102230831210.14765-100000@mail.wlcg.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

I figured, after looking at it that it would require some changes to the
code.  The reason I want to do this is for the multi-user boxes that I
have.  I would like to use a 160-bit algorithm that is not know to be
insecure.  Another reason is that most of the common password cracking
programs support MD5, DES, etc.  Confusing script kiddies is always fun.

Robert Simmons
Systems Administrator
http://www.wlcg.com/

On Thu, 22 Feb 2001, Kris Kennaway wrote:

> Well, it's of course not this simple - you would have to modify the
> libcrypt code.  But IMO there's no justification for doing this - MD5
> passwords aren't known to be insecure in any way.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message