Date: Thu, 28 Jan 2010 12:18:57 -0800 From: Chris Palmer <chris@noncombatant.org> To: freebsd-security@freebsd.org Subject: Re: PHK's MD5 might not be slow enough anymore Message-ID: <20100128201857.GP892@noncombatant.org> In-Reply-To: <20100128151026.5738b6c1.wmoran@collaborativefusion.com> References: <20100128182413.GI892@noncombatant.org> <20100128135410.7b6fe154.wmoran@collaborativefusion.com> <20100128193941.GK892@noncombatant.org> <20100128151026.5738b6c1.wmoran@collaborativefusion.com>
next in thread | previous in thread | raw e-mail | index | archive | help
For backwards compatibility, which do people prefer: Creating a new $N$ prefix every time we re-tune the algorithm, or using a new notation to say how many times this password was hashed? For example: $1.1000$, $1.100000$, et c.? I prefer the latter. It can work with Blowfish, too, and anything else people come up with in the future.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100128201857.GP892>