From: Garance A Drosihn
Date: Thu, 28 Jan 2010 16:56:53 -0500
To: d@delphij.net, freebsd-security@freebsd.org
Subject: Re: PHK's MD5 might not be slow enough anymore
In-Reply-To: <4B61FCFF.6040207@delphij.net>

At 1:09 PM -0800 1/28/10, Xin LI wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>On 2010/01/28 12:18, Chris Palmer wrote:
>> For backwards compatibility, which do people prefer: Creating a new $N$
>> prefix every time we re-tune the algorithm, or using a new notation to say
>> how many times this password was hashed? For example: $1.1000$, $1.100000$,
>> et c.?
>
>I'd vote for $1.nnnn$, as a good side effect it would be tunable by the
>administrators who want to fine tune the round number as needed.

Might want to make it something like $1.nnn.bbb$, so the admin can
specify the number of bits as well as the number of rounds. And then
pick some algorithm where those two values make sense. :-)

By going for something tunable, users don't HAVE to change their
password the moment the sysadmin decides that it's time for better
protection. The sysadmin can change the numbers used when the user
changes their password, and then gradually transition everyone to
the stronger encryption.

It also means that users could decide to use stronger encryption if
they are willing to wait for it, without the sysadmin needing to do
anything.

-- 
Garance Alistair Drosehn            =   gad@gilead.netel.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu
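
The $1.nnn.bbb$ notation suggested in this message, as an added example that is not part of the original post and not FreeBSD's crypt(3) code: it parses the prefix, verifies old entries with the parameters stored in them, and applies the current policy only when a password is changed. PBKDF2-HMAC-SHA256 as the algorithm, the base64 salt/digest encoding, the policy values and all function names are assumptions, since the message leaves the algorithm open.

```python
import base64, hashlib, hmac, os

# Constructed policy values: what the sysadmin currently requires for NEW hashes.
POLICY_ROUNDS, POLICY_BITS = 100_000, 256
MAX_ROUNDS = 10_000_000  # refuse absurd stored values rather than spin on them

def _kdf(password, salt, rounds, bits):
    # Stand-in algorithm (assumption): PBKDF2-HMAC-SHA256, where
    # rounds = iteration count and bits = derived key length.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds, dklen=bits // 8)

def make_hash(password, rounds=POLICY_ROUNDS, bits=POLICY_BITS, salt=None):
    """Return '$1.<rounds>.<bits>$<salt>$<digest>' (salt and digest in base64)."""
    if bits % 8:
        raise ValueError("bits must be a multiple of 8")
    salt = salt or os.urandom(16)
    b64 = lambda b: base64.b64encode(b).decode()
    return f"$1.{rounds}.{bits}${b64(salt)}${b64(_kdf(password, salt, rounds, bits))}"

def parse(stored):
    """Split a stored entry into (rounds, bits, salt, digest); ValueError if malformed."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != "":
        raise ValueError("expected $1.nnn.bbb$salt$digest")
    ident, _, params = parts[1].partition(".")
    rounds_s, _, bits_s = params.partition(".")
    if ident != "1" or not (rounds_s.isdigit() and bits_s.isdigit()):
        raise ValueError("bad prefix")
    rounds, bits = int(rounds_s), int(bits_s)
    if not (1 <= rounds <= MAX_ROUNDS) or bits % 8 or not (64 <= bits <= 512):
        raise ValueError("parameters out of range")
    salt = base64.b64decode(parts[2], validate=True)
    return rounds, bits, salt, base64.b64decode(parts[3], validate=True)

def verify(password, stored):
    """Return (ok, below_policy). Old entries verify with their OWN parameters."""
    rounds, bits, salt, digest = parse(stored)
    ok = hmac.compare_digest(_kdf(password, salt, rounds, bits), digest)
    return ok, rounds < POLICY_ROUNDS or bits < POLICY_BITS

def change_password(new_password, user_rounds=0, user_bits=0):
    """New hashes get at least the policy; a user may ask for more, never less."""
    return make_hash(new_password, max(user_rounds, POLICY_ROUNDS),
                     max(user_bits, POLICY_BITS))
```

An entry written under an older, weaker setting keeps working until the user next changes their password; the second value returned by `verify` only flags it as below the current policy.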