Re: Default password hash
Damian Weber <dweber@htw-saarland.de> writes:
> *collision* attacks are relatively easy these days, but against 1 MD5,
> not against 1000 times MD5
I'm not talking about collision attacks, I'm talking about brute-forcing
hashes.
> there is a NIST hash competition running, the winner will soon be announced
> (and it won't be SHA256 or SHA512 ;-)
> http://csrc.nist.gov/groups/ST/hash/timeline.html
> so my suggestion would be to use all of the finalists - especially
> the winner - for password hashing
> * BLAKE
> * Grøstl
> * JH
> * Keccak
> * Skein
> see, for example, http://www.nist.gov/itl/csd/sha3_010511.cfm
There's a world of difference between switching the default to an
algorithm we already support and which is widely used by other operating
systems, and switching to a completely new and untested algorithm.
DES
-- 
Dag-Erling Smørgrav - des@des.no