PHK's MD5 might not be slow enough anymore
Chuck Swiger
cswiger at mac.com
Thu Jan 28 20:22:52 UTC 2010
Hi--
On Jan 28, 2010, at 12:10 PM, Bill Moran wrote:
> This would also introduce a complete incompatibility between systems.
> I, for one, frequently copy password files from one system to another.
> I expect $1$ to be compatible on all systems.
Exactly. Just like classic DES passwords were portable to all platforms.
> If a new algorithm is to be used, why even start with md5? Why not
> start with something that's inherently stronger and more CPU intensive?
>>
> From there, assign it a new algorithm number. See the "Modular Crypt"
> section of crypt(3). Then compatibility is maintained.
+1. We're probably fine with MD5 password hashes against all but extreme measures for some time to come, but adding SHA-1 and being ready for whatever algorithm(s) might be chosen by NIST for SHA-3 would be a fine thing to do.
Regards,
--
-Chuck
More information about the freebsd-security
mailing list