Date: Tue, 28 Sep 2004 12:13:59 -0400 From: David Schultz <das@FreeBSD.ORG> To: Colin Percival <cperciva@wadham.ox.ac.uk> Cc: Giorgos Keramidas <keramida@FreeBSD.ORG> Subject: Re: compare-by-hash (was Re: sharing /etc/passwd) Message-ID: <20040928161359.GA22274@VARK.MIT.EDU> In-Reply-To: <41582024.2080205@wadham.ox.ac.uk> References: <Pine.LNX.4.33.0111071900280.24824-100000@moroni.pp.asu.edu> <20011107211316.A7830@nomad.lets.net> <20040925140242.GB78219@gothmog.gr> <41575DFC.9020206@wadham.ox.ac.uk> <20040927091710.GC914@orion.daedalusnetworks.priv> <41582024.2080205@wadham.ox.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Sep 27, 2004, Colin Percival wrote: > If an appropriately strong hash is used (eg, SHA1), then the probability > of obtaining an incorrect /etc/*pwd.db with a correct hash is much > smaller than the probability of a random incorrect password being > accepted. Remember, passwords are stored by their MD5 hashes, so a > random password has a 2^(-128) chance of working. > > If, on the other hand, you're concerned about accidentally locking > yourself out of the server as a result of an undetected mangling of the > password database... you should be more worried about the server, and > all your backups, being simultaneously hit by lightning. :-) One thing to keep in mind is that the collision-resistance of SHA-1 is an unproven conjecture. Back in the dark ages of cryptography, Rivest conjectured that MD4 and MD5 were also collision-resistant, and this turned out not to be true. In fact, recent results have raised some concerns about SHA-1 (http://eprint.iacr.org/2004/146/). There's some speculation that SHA-1 is broken in the sense that you are likely to find a collision after computing far fewer than 2^80 hashes; however, people still seem to consider it good enough for SSL/TLS and numerous other protocols. If they're wrong, of course, I think people will be much more concerned about digital signatures than rsync.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040928161359.GA22274>