Date:      Mon, 09 Feb 2009 12:09:59 +0100
From:      Dag-Erling Smørgrav <des@des.no>
To:        Benjamin Lutz <mail@maxlor.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: OPIE considered insecure
Message-ID:  <86r627988o.fsf@ds4.des.no>
In-Reply-To: <200902090957.27318.mail@maxlor.com> (Benjamin Lutz's message of "Mon, 9 Feb 2009 09:57:27 +0100")
References:  <200902090957.27318.mail@maxlor.com>

Benjamin Lutz <mail@maxlor.com> writes:
> I was a bit shocked to find out that OPIE truncates all digests to 64 bits,
> no matter which algorithm you use. Some quick research into the current
> speed of MD5 brute-forcing produced this result:
> [...]
> So, is there an existing alternative one time password implementation that
> works on FreeBSD? Also, as a suggestion to the security team, maybe it's
> time to deprecate or remove OPIE?

Our current OPIE implementation is a piece of crap.  Feel free to
suggest (or write) a replacement.

That being said, there is no reason why OPIE challenges and responses
can't be extended to 128 bits or more.  The only downside is that users
won't be able to use existing key calculators; they'll have to use
pre-generated response sheets.

DES
-- 
Dag-Erling Smørgrav - des@des.no
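
Added example, not part of the original message and not FreeBSD's OPIE code: a Python sketch of the RFC 2289 MD5 response chain, showing the 64-bit fold discussed above next to an unfolded 128-bit variant. The unfolded variant is a hypothetical extension, and the passphrase and seed are constructed sample values.

```python
import hashlib
import hmac

def fold64(digest: bytes) -> bytes:
    """RFC 2289 MD5 fold: XOR the two 64-bit halves of the 128-bit digest."""
    return bytes(a ^ b for a, b in zip(digest[:8], digest[8:]))

def step(data: bytes, fold: bool = True) -> bytes:
    """One link of the hash chain; fold=False keeps all 128 bits (hypothetical)."""
    digest = hashlib.md5(data).digest()
    return fold64(digest) if fold else digest

def otp_md5(passphrase: str, seed: str, count: int, fold: bool = True) -> bytes:
    """Response for sequence number `count`: initial step plus `count` more."""
    # RFC 2289 lowercases the seed and places it before the passphrase.
    value = step((seed.lower() + passphrase).encode("ascii"), fold)
    for _ in range(count):
        value = step(value, fold)
    return value

def verify(stored: bytes, response: bytes, fold: bool = True) -> bool:
    """Server check: hashing the response once must give the stored value."""
    return hmac.compare_digest(step(response, fold), stored)

def preimage_work_bits(response: bytes) -> int:
    """Upper bound, in bits, on the search for an input matching a stored value."""
    return len(response) * 8

if __name__ == "__main__":
    # Constructed sample credentials, for illustration only.
    passphrase, seed = "constructed sample passphrase", "ex4mple"
    for fold in (True, False):
        stored = otp_md5(passphrase, seed, 99, fold)    # kept by the server
        response = otp_md5(passphrase, seed, 98, fold)  # next login response
        print("folded  " if fold else "unfolded",
              response.hex(),
              "accepted" if verify(stored, response, fold) else "rejected",
              f"<= 2^{preimage_work_bits(stored)} guesses")
```

Whatever hash is plugged in, the folded chain leaves the server holding a 64-bit value, so the digest width of the underlying algorithm does not raise the bound.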