Date: Mon, 11 Jun 2012 14:44:02 +0400 From: Lev Serebryakov <lev@FreeBSD.org> To: "Simon L. B. Nielsen" <simon@FreeBSD.org> Cc: =?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?= <des@des.no>, freebsd-security@freebsd.org Subject: Re: Default password hash Message-ID: <734419687.20120611144402@serebryakov.spb.ru> In-Reply-To: <6E26E03B-8D1D-44D3-B94E-0552BE5CA894@FreeBSD.org> References: <86r4tqotjo.fsf@ds4.des.no> <6E26E03B-8D1D-44D3-B94E-0552BE5CA894@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Simon. You wrote 10 =E8=FE=ED=FF 2012 =E3., 14:02:50: SLBN> Has anyone looked at how long the SHA512 password hashing SLBN> actually takes on modern computers? Modern computers are not what should you afraid. Modern GPUs are. And they are incredibly fast in calculation of MD5, SHA-1 and SHA-2. Modern key-derivation schemes must be RAM-heavy, not CPU-heavy. And I don't understand, why should we use our home-grown "strengthening" algorithms instead of "standard" choices: PBKDF2[1], bcrypt[2] and (my favorite) scrypt[3]. [1] http://tools.ietf.org/html/rfc2898 [2] http://static.usenix.org/events/usenix99/provos/provos_html/node1.html [3] http://www.tarsnap.com/scrypt.html --=20 // Black Lion AKA Lev Serebryakov <lev@FreeBSD.org>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?734419687.20120611144402>