Date: Mon, 3 May 1999 10:22:20 -0400
From: Adam Shostack <adam@homeport.org>
To: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Blowfish/Twofish
Message-ID: <19990503102220.A25694@weathership.homeport.org>
In-Reply-To: <99May3.114810est.40331@border.alcanet.com.au>; from Peter Jeremy on Mon, May 03, 1999 at 12:02:44PM +1000
References: <99May3.114810est.40331@border.alcanet.com.au>

On Mon, May 03, 1999 at 12:02:44PM +1000, Peter Jeremy wrote:
| Adam Shostack <adam@homeport.org> wrote:
| >The reason to not use it for passwords is that the function you want
| >(if you're going to not change the model), is a hash function, not a
| >block cipher.
|
| You'd better let Bob Morris know this :-).
|
| Why can't a block cipher (like, say DES) be used for a password
| hashing function? (I realise that the DES used for Unix password
| hashing is `tweaked', but that was done solely to prevent people using
| off-the-shelf DES hardware to crack passwords - the salt can be
| injected in several other ways).

It can, but when you want irreversibility, it's useful to use a
function designed with that in mind. The fact that you can use block
ciphers as hashes, and hashes as block ciphers, does not mean that
it's a good idea to go around doing so. It means that the
theoreticians in the field are working out how they interact.

Adam

--
"It is seldom that liberty of any kind is lost all at once."
                                               -Hume