From owner-freebsd-security@FreeBSD.ORG Thu Jan 28 21:09:30 2010 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DACAE106566C for ; Thu, 28 Jan 2010 21:09:30 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from tarsier.geekcn.org (tarsier.geekcn.org [IPv6:2001:470:a803::1]) by mx1.freebsd.org (Postfix) with ESMTP id 82D408FC0C for ; Thu, 28 Jan 2010 21:09:30 +0000 (UTC) Received: from mail.geekcn.org (tarsier.geekcn.org [211.166.10.233]) by tarsier.geekcn.org (Postfix) with ESMTP id 98B44A5D438; Fri, 29 Jan 2010 05:09:29 +0800 (CST) X-Virus-Scanned: amavisd-new at geekcn.org Received: from tarsier.geekcn.org ([211.166.10.233]) by mail.geekcn.org (mail.geekcn.org [211.166.10.233]) (amavisd-new, port 10024) with LMTP id YI8W+zQosKpW; Fri, 29 Jan 2010 05:09:23 +0800 (CST) Received: from delta.delphij.net (drawbridge.ixsystems.com [206.40.55.65]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by tarsier.geekcn.org (Postfix) with ESMTPSA id C0076A5D408; Fri, 29 Jan 2010 05:09:22 +0800 (CST) DomainKey-Signature: a=rsa-sha1; s=default; d=delphij.net; c=nofws; q=dns; h=message-id:date:from:reply-to:organization:user-agent: mime-version:to:subject:references:in-reply-to:x-enigmail-version:openpgp: content-type:content-transfer-encoding; b=QAkYD640s3vZVOCqGNw7EAGNf5m7WQkgOVGUqcwsSuUnfQY7RUW2iFedltjdxW75i yajLEnjIXzQnJ3hhbK4gg== Message-ID: <4B61FCFF.6040207@delphij.net> Date: Thu, 28 Jan 2010 13:09:19 -0800 From: Xin LI Organization: The Geek China Organization User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.1.7) Gecko/20100122 Thunderbird/3.0.1 ThunderBrowse/3.2.8.1 MIME-Version: 1.0 To: freebsd-security@freebsd.org References: <20100128182413.GI892@noncombatant.org> <20100128135410.7b6fe154.wmoran@collaborativefusion.com> <20100128193941.GK892@noncombatant.org> <20100128151026.5738b6c1.wmoran@collaborativefusion.com> <20100128201857.GP892@noncombatant.org> In-Reply-To: <20100128201857.GP892@noncombatant.org> X-Enigmail-Version: 1.0 OpenPGP: id=3FCA37C1; url=http://www.delphij.net/delphij.asc Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: PHK's MD5 might not be slow enough anymore X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: d@delphij.net List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Jan 2010 21:09:30 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2010/01/28 12:18, Chris Palmer wrote: > For backwards compatibility, which do people prefer: Creating a new $N$ > prefix every time we re-tune the algorithm, or using a new notation to say > how many times this password was hashed? For example: $1.1000$, $1.100000$, > et c.? I'd vote for $1.nnnn$, as a good side effect it would be tunable by the administrators who want to fine tune the round number as need. Cheers, - -- Xin LI http://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iQEcBAEBAgAGBQJLYfz/AAoJEATO+BI/yjfBEXsIAIr2qzcNDVFDoZ2OWr6tAeZh 5Ew0LcrGKwMnbhwhn1lpOopJks/43JnX85YScPgpcCuDDyG8mev8kjwnuXpl0iOr fTMTgznuzIkHT6DcPfQYc2jcaMjR3TzSy8bTFOilrnkuQr0kPHAiQNrnrUtAKyxz Ss0JBjYboSVqtOG58fltkPB0XVoXwBSy8Y4eG+jwStn0qDPmASlZ1TaDvxQWkp9/ 4X7zCK9NCQa/VH94VnbX4uFn3uiLH+IXrUISQcgd9QUkOrswSpdyjSGwV9xkQXWn oiEQP0eVMPWWpesFjhcppSq+2gvsRRow8IpPUSgH2aZDVleZxe9/pEPyyl+bNCk= =rEMy -----END PGP SIGNATURE-----