Blowfish support in crypt() (glibc) ?
bet at rahul.net
Mon Jun 7 07:05:07 PDT 2004
2004-06-07T01:58:05 Robert Connolly:
> Md5 isn't very good anymore.
Could you please expand on that?
What I've heard is that weakened variants (reduced rounds?) have
been shown vulnerable to attack, but so far as I know standard MD5
hasn't. And in some applications, a 128-bit hash like MD5 is
vulnerable to a Birthday attack where a bigger one, like e.g. SHA1
(160 bits) isn't.
But "attack" means something very different for a cryptographic hash
used bare, like MD5 or SHA1 in normal crypto design, and one used
salted and iterated, like in a passwd file; there the possibility of
breaking the hash isn't even interesting, the design is focused on
trying to slow down dictionary attacks.
What's the problem with MD5 in passwd?
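The distinction drawn in the message above between a bare hash and a salted, iterated one, as an added example (not part of the original post, and not glibc's md5-crypt algorithm). The construction, salts, wordlist, account names and round count are all constructed for illustration.

```python
import hashlib

# Constructed sample data: a small wordlist and two accounts that share a password.
WORDLIST = ["letmein", "hunter2", "password", "dragon"]
ACCOUNTS = {"alice": ("hunter2", b"Xq3k"), "bob": ("hunter2", b"9fLz")}
ROUNDS = 1000  # illustrative iteration count (assumption)


def bare_md5(password: str) -> str:
    return hashlib.md5(password.encode()).hexdigest()


def salted_iterated(password: str, salt: bytes, rounds: int = ROUNDS) -> str:
    """Illustrative salted, iterated digest. NOT the md5-crypt algorithm."""
    pw = password.encode()
    digest = hashlib.md5(salt + pw).digest()
    for _ in range(rounds - 1):
        digest = hashlib.md5(digest + salt + pw).digest()
    return digest.hex()


def table_hits(stored: dict) -> dict:
    """Look up each stored value in one precomputed bare-MD5 table of WORDLIST."""
    table = {bare_md5(w): w for w in WORDLIST}
    return {user: table.get(value) for user, value in stored.items()}


def guessing_cost(n_accounts: int, n_words: int, rounds: int) -> tuple:
    """MD5 calls to test every word on every account: (bare, salted+iterated)."""
    return n_words, n_accounts * n_words * rounds


def demo() -> dict:
    bare = {u: bare_md5(p) for u, (p, _) in ACCOUNTS.items()}
    hard = {u: salted_iterated(p, s) for u, (p, s) in ACCOUNTS.items()}
    return {
        "bare_identical": bare["alice"] == bare["bob"],      # same password, same hash
        "salted_identical": hard["alice"] == hard["bob"],    # salt separates them
        "bare_table_hits": table_hits(bare),
        "salted_table_hits": table_hits(hard),               # precomputed table is useless
        "cost": guessing_cost(len(ACCOUNTS), len(WORDLIST), ROUNDS),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```

Neither property depends on finding collisions or preimages in MD5 itself: the salt forces per-account work and the rounds multiply the cost of each guess.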