Re: passwd hashing algorithm

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Terje Normann Marthinussen: "Re: Replacement for NIS? (was Re: Obtaining NIS domainname from Gatorbox)"
• Previous message: Charles Howes: "Re: passwd hashing algorithm"
• In reply to: Rick Busdiecker: "Re: passwd hashing algorithm"
• Next in thread: der Mouse: "Re: passwd hashing algorithm"

Rick Busdiecker says:
>     From: Adam Shostack <adam@bwh.harvard.edu>
>     Date: Thu, 13 Apr 1995 13:23:03 -0400 (EDT)
> 
>     Doing to 3des means you (roughly) triple the attack time, which
>     means that in about 2 years, we'll be back where we are today.
> 
> This does not fit with my understanding of 3DES.  I thought that 3DES
> effectively tripled the key size, i. e. you have to derive three DES
> keys simultaneously in order to crack.

The point is, however, that DES isn't used in crypt(3) as a cipher but
as a weird hash function over an eight byte value, the password, and
you aren't increasing this password's size so you aren't really
improving the situation. Changing things so that the password could be
much longer would actually help, however. A salted MD5 or SHA of a
much longer passphrase space WOULD be more secure because brute force
searches would actually be harder.

Perry

• Next message: Terje Normann Marthinussen: "Re: Replacement for NIS? (was Re: Obtaining NIS domainname from Gatorbox)"
• Previous message: Charles Howes: "Re: passwd hashing algorithm"
• In reply to: Rick Busdiecker: "Re: passwd hashing algorithm"
• Next in thread: der Mouse: "Re: passwd hashing algorithm"