Date: 20 Jun 2002 17:00:23 +0200 From: Dag-Erling Smorgrav <des@ofug.org> To: Antoine Beaupre <anarcat@anarcat.ath.cx> Cc: "Eric F Crist" <ecrist@adtechintegrated.com>, "'Ryan Thompson'" <ryan@sasknow.com>, "'Bill Moran'" <wmoran@potentialtech.com>, <freebsd-security@FreeBSD.ORG> Subject: Re: hash-password length relation (was: Password security) Message-ID: <xzpy9dadmgo.fsf@flood.ping.uio.no> In-Reply-To: <1C4414A2-845C-11D6-887B-0050E4A0BB3F@anarcat.ath.cx> References: <1C4414A2-845C-11D6-887B-0050E4A0BB3F@anarcat.ath.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
Antoine Beaupre <anarcat@anarcat.ath.cx> writes: > Does the length of the encrypted password grow with the length of the > password? Traditional DES always produces a 13-byte hash (including the salt). MD5 produces a 31-byte hash (also including the salt). Blowfish produces a 32-byte hash with (IIRC) a variable-length salt of up to 16 bytes. Both MD5 and Blowfish use a special prefix to identify the hash algorithm used; it's usually three bytes long for MD5 and five or six bytes long for Blowfish. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpy9dadmgo.fsf>