From owner-freebsd-security Sun May 2 8:42: 2 1999 Delivered-To: freebsd-security@freebsd.org Received: from gratis.grondar.za (gratis.grondar.za [196.7.18.65]) by hub.freebsd.org (Postfix) with ESMTP id 5F0E915225; Sun, 2 May 1999 08:41:51 -0700 (PDT) (envelope-from mark@grondar.za) Received: from greenpeace.grondar.za (greenpeace.grondar.za [196.7.18.132]) by gratis.grondar.za (8.9.3/8.9.3) with ESMTP id RAA36381; Sun, 2 May 1999 17:41:50 +0200 (SAST) (envelope-from mark@grondar.za) Received: from grondar.za (localhost [127.0.0.1]) by greenpeace.grondar.za (8.9.3/8.9.3) with ESMTP id RAA02885; Sun, 2 May 1999 17:41:48 +0200 (SAST) (envelope-from mark@grondar.za) Message-Id: <199905021541.RAA02885@greenpeace.grondar.za> To: Eivind Eklund Cc: freebsd-security@FreeBSD.ORG Subject: Re: Blowfish/Twofish In-Reply-To: Your message of " Sun, 02 May 1999 17:09:29 +0200." <19990502170929.B32819@bitbox.follo.net> References: <21634.925539195@critter.freebsd.dk> <19990502144906.E23950@bitbox.follo.net> <199905021458.QAA02696@greenpeace.grondar.za> <19990502170929.B32819@bitbox.follo.net> Date: Sun, 02 May 1999 17:41:47 +0200 From: Mark Murray Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Eivind Eklund wrote: > > _Way_ overkill. A far simpler structure can easily be built by hand. > > I do not understand what you mean - elaborate? Dynamically linking in > a new library if it is present is not very difficult - do you mean > that OpenSSL has too complicated an API? Or what is it you're trying > to say? Yes. libcrypto from OpenSSL is huge, and is hefty overkill for a password hashing system. Apart from that, it has a name conflict with kerberos (which also has a libcrypto). A password hashing system just needs a couple (few?) good hashes; nothing else. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message