Date: Mon, 3 May 1999 16:18:29 -0400 (EDT)
From: andrewr
To: Adam Shostack
Cc: David Mazieres, phk@critter.freebsd.dk, peter.jeremy@auss2.alcatel.com.au, freebsd-security@FreeBSD.ORG, provos@openbsd.org
Subject: Re: Blowfish/Twofish
In-Reply-To: <19990503155204.A28374@weathership.homeport.org>

On Mon, 3 May 1999, Adam Shostack wrote:

>
> If you want to use any other construction, you'll need to
> analyze time issues, including brute force timing. It seems likely
> that using md5 would require a bunch of iterations. You could
> probably use fewer iterations of SHA-1, and yet fewer with RIPEMD-160
> to absorb the same amount of attacker CPU time.

The multiple iterations are something that is *very* necessary and that I
agree with you on. Take ssh: from what I've seen, in my VERY LITTLE code
browsing of it, it does not seem to do many iterations at all (when dealing
with ssh key), therefore not making it too great.. (if that makes any sense ;).
However, bruteforce timing is something that *should* be analyzed, so I agree
with you 100%.

Andrew

>
> Adam
>
>
> --
> "It is seldom that liberty of any kind is lost all at once."
> -Hume
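The timing analysis discussed in this message can be sketched as follows. This is an added example, not code from the thread or from FreeBSD or ssh: it measures the per-iteration cost of each hash on the local machine and derives the iteration count that makes one password guess cost the same CPU time. It assumes PBKDF2-HMAC as the iteration construction (the thread does not name one), and the password, salt, and function names are constructed for illustration.

```python
import hashlib
import math
import time

# Constructed inputs for the demonstration; not taken from the thread.
PASSWORD = b"correct horse battery staple"
SALT = bytes(range(16))


def seconds_per_iteration(hash_name, probe_rounds=20000):
    """Time PBKDF2-HMAC with hash_name and return the cost of one iteration."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac(hash_name, PASSWORD, SALT, probe_rounds)
    elapsed = time.perf_counter() - start
    return max(elapsed, 1e-9) / probe_rounds


def rounds_for_budget(sec_per_iter, target_seconds):
    """Iterations needed so that one password guess costs target_seconds."""
    return max(1, math.ceil(target_seconds / sec_per_iter))


def brute_force_cpu_seconds(guesses, rounds, sec_per_iter):
    """CPU time an attacker spends testing `guesses` candidate passwords."""
    return guesses * rounds * sec_per_iter


def calibrate(target_seconds, hash_names=("md5", "sha1", "ripemd160")):
    """Map each available hash to (rounds, sec_per_iter) for the same budget."""
    plan = {}
    for name in hash_names:
        try:
            cost = seconds_per_iteration(name)
        except ValueError:
            # Some OpenSSL builds disable legacy digests such as RIPEMD-160.
            continue
        plan[name] = (rounds_for_budget(cost, target_seconds), cost)
    return plan


if __name__ == "__main__":
    for name, (rounds, cost) in calibrate(0.1).items():
        hours = brute_force_cpu_seconds(10**6, rounds, cost) / 3600
        print(f"{name:10s} {rounds:8d} rounds, 10^6 guesses ~ {hours:.1f} CPU-hours")
```

The measured costs reflect the defender's CPU only; an attacker's hardware may run each hash at a different relative speed, so the iteration counts need re-measuring on the hardware that matters.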