Damian Weber <dwe...@htw-saarland.de> writes: > *collision* attacks are relatively easy these days, but against 1 MD5, > not against 1000 times MD5
I'm not talking about collision attacks, I'm talking about brute-forcing hashes. > there is a NIST hash competition running, the winner will soon be announced > (and it won't be SHA256 or SHA512 ;-) > http://csrc.nist.gov/groups/ST/hash/timeline.html > so my suggestion would be to use all of the finalists - especially > the winner - for password hashing > * BLAKE > * Grøstl > * JH > * Keccak > * Skein > see, for example, http://www.nist.gov/itl/csd/sha3_010511.cfm There's a world of difference between switching the default to an algorithm we already support and which is widely used by other operating systems, and switching to a completely knew and untested algorithm. DES -- Dag-Erling Smørgrav - d...@des.no _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
