Date: Thu, 28 Jan 2010 13:09:19 -0800 From: Xin LI <delphij@delphij.net> To: freebsd-security@freebsd.org Subject: Re: PHK's MD5 might not be slow enough anymore Message-ID: <4B61FCFF.6040207@delphij.net> In-Reply-To: <20100128201857.GP892@noncombatant.org> References: <20100128182413.GI892@noncombatant.org> <20100128135410.7b6fe154.wmoran@collaborativefusion.com> <20100128193941.GK892@noncombatant.org> <20100128151026.5738b6c1.wmoran@collaborativefusion.com> <20100128201857.GP892@noncombatant.org>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2010/01/28 12:18, Chris Palmer wrote: > For backwards compatibility, which do people prefer: Creating a new $N$ > prefix every time we re-tune the algorithm, or using a new notation to say > how many times this password was hashed? For example: $1.1000$, $1.100000$, > et c.? I'd vote for $1.nnnn$, as a good side effect it would be tunable by the administrators who want to fine tune the round number as need. Cheers, - -- Xin LI <delphij@delphij.net> http://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iQEcBAEBAgAGBQJLYfz/AAoJEATO+BI/yjfBEXsIAIr2qzcNDVFDoZ2OWr6tAeZh 5Ew0LcrGKwMnbhwhn1lpOopJks/43JnX85YScPgpcCuDDyG8mev8kjwnuXpl0iOr fTMTgznuzIkHT6DcPfQYc2jcaMjR3TzSy8bTFOilrnkuQr0kPHAiQNrnrUtAKyxz Ss0JBjYboSVqtOG58fltkPB0XVoXwBSy8Y4eG+jwStn0qDPmASlZ1TaDvxQWkp9/ 4X7zCK9NCQa/VH94VnbX4uFn3uiLH+IXrUISQcgd9QUkOrswSpdyjSGwV9xkQXWn oiEQP0eVMPWWpesFjhcppSq+2gvsRRow8IpPUSgH2aZDVleZxe9/pEPyyl+bNCk= =rEMy -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B61FCFF.6040207>