On Thu, 28 Jan 2010, Mike Andrews wrote:
On 1/28/10 3:18 PM, Chris Palmer wrote:
For backwards compatibility, which do people prefer: Creating a new $N$
prefix every time we re-tune the algorithm, or using a new notation to say
how many times this password was hashed? For example: $1.1000$, $1.100000$,
et c.?
I prefer the latter. It can work with Blowfish, too, and anything else
people come up with in the future.
The Blowfish one already has that feature.
A long time ago (like FreeBSD 6.something, maybe earlier) I changed all my
/etc/login.conf files to set "passwd_format=blf" and all my password hashes
are in the format "$2a$04$salthash" -- with the "04" being the (default)
number of rounds of Blowfish to run. I have some users where it's set to 11
rounds, and as you'd expect, it puts a pretty big hurt on the ability of
things like John The Ripper to attack the hashes.
Actaully that's not the number of rounds, it's the log2() of the number of
rounds. So 04 is really 2^4=16 rounds (the minimum), 11 is 2^11=2048
rounds, and the maximum is 31 -- which as the source code states, oughta
scale pretty well for a while. :)
See /usr/src/secure/lib/libcrypt/crypt-blowfish.c
There is probably a login.conf knob to raise the default number of rounds
beyond 2^4.
But the point remains: look at what FreeBSD already has. :)
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
