Date: Sat, 30 May 1998 12:37:50 +1000 (EST) From: Nicholas Charles Brawn <ncb05@uow.edu.au> To: Jason Hudgins <thanatos@eddie.incantations.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: MD5 v. DES? Message-ID: <Pine.SOL.3.96.980530122602.16928A-100000@banshee.cs.uow.edu.au> In-Reply-To: <Pine.BSF.3.96.980529133154.13428A-100000@eddie.incantations.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 29 May 1998, Jason Hudgins wrote: > > redirected to -security > > > > > Is there a discussion somewhere about the merits of MD5 v. DES? > > > E.g. what advantages one has over the other? > > > > If I recall from past memories MD5 i believe is faster. > > Which in my opinion, is not nessecarily a good thing. It also depends on what exactly you are discussing. MD5 is a one-way hash algorithm, whereas DES is an encryption algorithm with several different modes used for encryption (ecb, cbc, 3des, etc). Also, with regards to speed, if you're concerned primarily with system security, and don't require hundreds or more authentications per second (ecommerce perhaps), you should probably go for something that takes a bit longer to generate a key. This will slow down brute-force key search attacks. An example of this would be hashing a given string "x" times before sending it to crypt(3). Along parallel lines, is anyone working on patching /usr/bin/passwd to be proactive in rejecting bad passwords instead of simply "suggesting" that the supplied string is too short/weak/lowercase/etc? It is trivial to patch the code to do so but it'd be nice if it happened by default. :) > Jason Hudgins > http://www.incantations.net/~thanatos Nick -- Email: ncb05@uow.edu.au - DE 30 33 D3 16 91 C8 8D A7 F8 70 03 B7 77 1A 2A http://rabble.uow.edu.au/~nick - public key available on request. Nicholas Brawn - Computer Science Undergraduate, University of Wollongong. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.3.96.980530122602.16928A-100000>