Date: Mon, 11 Jun 2012 10:51:45 +0200 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Damian Weber <dweber@htw-saarland.de> Cc: freebsd-security@freebsd.org, Gleb Kurtsou <gleb.kurtsou@gmail.com>, "Simon L. B. Nielsen" <simon@freebsd.org> Subject: Re: Default password hash Message-ID: <86ehpmp6xq.fsf@ds4.des.no> In-Reply-To: <alpine.BSF.2.00.1206101826300.2189@magritte.htw-saarland.de> (Damian Weber's message of "Sun, 10 Jun 2012 18:55:18 %2B0200 (CEST)") References: <86r4tqotjo.fsf@ds4.des.no> <6E26E03B-8D1D-44D3-B94E-0552BE5CA894@FreeBSD.org> <20120610145351.GA1098@reks> <alpine.BSF.2.00.1206101826300.2189@magritte.htw-saarland.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Damian Weber <dweber@htw-saarland.de> writes: > *collision* attacks are relatively easy these days, but against 1 MD5,=20 > not against 1000 times MD5 I'm not talking about collision attacks, I'm talking about brute-forcing hashes. > there is a NIST hash competition running, the winner will soon be announc= ed > (and it won't be SHA256 or SHA512 ;-) > http://csrc.nist.gov/groups/ST/hash/timeline.html > so my suggestion would be to use all of the finalists - especially > the winner - for password hashing > * BLAKE > * Gr=C3=B8stl=20 > * JH > * Keccak > * Skein > see, for example, http://www.nist.gov/itl/csd/sha3_010511.cfm There's a world of difference between switching the default to an algorithm we already support and which is widely used by other operating systems, and switching to a completely knew and untested algorithm. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86ehpmp6xq.fsf>