Blowfish support in crypt() (glibc) ?

Rogelio M.Serrano Jr. rogelio at smsglobal.net
Tue Jun 8 07:35:23 PDT 2004


> 2004-06-08T02:52:03 Rogelio Serrano:
> > dictionary attacks against md5 is very easy and fast.
> 
> The MD5 implementation used in passwd goes to some effort to
> suppress that; it does a thousand md5 inits (the slow part of the
> algorithm), mixing the hash different ways after each one.
> 
> Once that gets too slow, just increase that number and use a new
> magic for the new varient.

or too fast?

> 
> > unless all users use random numbers for passwords, md5 will be a
> > weak password hash.
> 
> Is that a theoretical claim based on the belief that MD5 crypt(3) is
> doing a single, simple MD5 hash of the password?
> 

Yes. I might have missed something but is there a way we can tune or 
slow down current md5 passwd hash computation?

> > i am using blowfish in my system and it has a large number of
> > rounds that it takes 3 seconds to compute the password hash.
> 
> I think it would be more secure to increase the number of iterations
> if you want to slow it down, and switch to SHA1 if you want more
> than 128 bits, rather than going to a homebrew hash built on an
> algorithm that was designed as a cypher.

Point well taken. I have used sha1 passwd in tinylogin before. Is 
there an implementation of sha1 crypt that is easy to tune?




More information about the hlfs-dev mailing list