Date: Mon, 16 Nov 1998 20:14:52 +0100 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Fernando Schapachnik <fpscha@ns1.sminter.com.ar> Cc: tcrimi+@andrew.cmu.edu (Thomas Valentino Crimi), tlambert@primenet.com, freebsd-security@FreeBSD.ORG Subject: Re: Would this make FreeBSD more secure? Message-ID: <23903.911243692@critter.freebsd.dk> In-Reply-To: Your message of "Mon, 16 Nov 1998 15:11:16 -0300." <199811161811.PAA01939@ns1.sminter.com.ar>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199811161811.PAA01939@ns1.sminter.com.ar>, Fernando Schapachnik writes:
>En un mensaje anterior, Thomas Valentino Crimi escribió:
>[...]
>> And then we have md5 passwords, arguably broken, now, but orders of
>> magnitudes better than DES.
>
>Broken? I'm using them with no problem. What do you mean?
He means that he hasn't understood the first law of cryptography:
"No cipher is unbreakable, it's all a question about time & effort"
Given sufficient resources you can brute-force any encryption or
scrambling.
MD5 scambled passwords are not even close to being broken, for any
value of broken worth talking about.
--
Poul-Henning Kamp FreeBSD coreteam member
phk@FreeBSD.ORG "Real hackers run -current on their laptop."
"ttyv0" -- What UNIX calls a $20K state-of-the-art, 3D, hi-res color terminal
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?23903.911243692>