Blowfish support in crypt() (glibc) ?

Bennett Todd bet at rahul.net
Tue Jun 8 08:44:15 PDT 2004


2004-06-08T14:35:23 Rogelio M.Serrano Jr.:
> >Once that gets too slow, just increase that number and use a new
> >magic for the new varient.
> 
> or too fast?

:-) right, oops.

> I might have missed something but is there a way we can tune or 
> slow down current md5 passwd hash computation?

Only by fudging the source. Jack up the hard-coded 1000 loop counter
in the slow-down loop, and change the magic to a new value since
this would be a new and incompatible varient. I eyeballed the source
to the libc I use, uClibc, but I suspect the code is going to be
similar or identical in others.

-Bennett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20040608/7363297e/attachment.sig>


More information about the hlfs-dev mailing list