Re: blf uses only 2^4 round for passwd encoding?! [Re: Default password hash]

2012-06-11 Thread Mike Andrews
On 6/10/12 8:03 PM, Oliver Pinter wrote: On 6/11/12, RW wrote: On Mon, 11 Jun 2012 00:37:30 +0200 Oliver Pinter wrote: 16 rounds in 2012? It is not too weak?! It's hard to say. Remember that blowfish was designed as a cipher not a hash. It's designed to be fast, but to still resist known plai

Re: Default password hash

2012-06-11 Thread Gleb Kurtsou
On (11/06/2012 12:43), Simon L. B. Nielsen wrote: > On Sun, Jun 10, 2012 at 3:53 PM, Gleb Kurtsou wrote: [...] > > Do you mean pkcs5v2_calculate from geli? It seems to have a drawback > > Correct. > > > that results produced depend on actual CPU load. > > That's not the drawback, but the whole

Re: Default password hash

2012-06-11 Thread RW
On Mon, 11 Jun 2012 14:44:02 +0400 Lev Serebryakov wrote: > Hello, Simon. > You wrote 10 June 2012, 14:02:50: > > SLBN> Has anyone looked at how long the SHA512 password hashing > SLBN> actually takes on modern computers? > Modern computers are not what you should be afraid of. Modern GPUs are.

Re: Default password hash

2012-06-11 Thread Dag-Erling Smørgrav
Gleb Kurtsou writes: > In other words, currently there is no benefit in switching the default > algorithm to relatively new crypt_sha512 vs 256-iterations > crypt_blowfish supported on RELENG_7. From a cryptographic point of view, perhaps, but they are both better than the current default (md5), and al

Re: Default password hash

2012-06-11 Thread Gleb Kurtsou
On (11/06/2012 12:51), Simon L. B. Nielsen wrote: > On Mon, Jun 11, 2012 at 11:44 AM, Lev Serebryakov wrote: > > Hello, Simon. > > You wrote 10 June 2012, 14:02:50: > > > > SLBN> Has anyone looked at how long the SHA512 password hashing > > SLBN> actually takes on modern computers? > > Modern

Re: Default password hash

2012-06-11 Thread Dag-Erling Smørgrav
Robert Simmons writes: > Mike Tancsa writes: > > change the user's passwd to something new, or just use the old > > passwd, but re-enter it > Bad idea. Never reuse an old password. What's an even worse idea is to learn such things by rote and spew them back out without ever reflecting on what th

Re: Default password hash

2012-06-11 Thread Dag-Erling Smørgrav
Dag-Erling Smørgrav writes: > There's a world of difference between switching the default to an > algorithm we already support and which is widely used by other operating > systems, and switching to a completely knew and untested algorithm. ouch. s/knew/new/. DES -- Dag-Erling Smørgrav - d...@

Re: Default password hash

2012-06-11 Thread Dag-Erling Smørgrav
"O. Hartmann" writes: > You should also file a PR for change-requests, so it is not only in the > email list. I have no idea what you mean by that... DES -- Dag-Erling Smørgrav - d...@des.no ___ freebsd-security@freebsd.org mailing list http://lists.fr

Re: Default password hash

2012-06-11 Thread Dag-Erling Smørgrav
Mike Tancsa writes: > Locally, we still have a need to share some passwd files between a > couple of RELENG_8 and RELENG_7 boxes. But it might be better to just > upgrade the new boxes to 8 if need be. If not, is Blowfish as it's > currently implemented on RELENG_7 considered strong enough ? Ther

Re: Default password hash

2012-06-11 Thread Mike Tancsa
On 6/11/2012 10:00 AM, Dag-Erling Smørgrav wrote: > Mike Tancsa writes: >> Dag-Erling Smørgrav writes: >>> Mike Tancsa writes: Actually, any chance of MFC'ing SHA256 and 512 in RELENG_7 ? It's currently not there. >>> "not there" as in "not supported by crypt(3)"? >> If you put in sha2

Re: Default password hash

2012-06-11 Thread Dag-Erling Smørgrav
Mike Tancsa writes: > Dag-Erling Smørgrav writes: > > Mike Tancsa writes: > > > Actually, any chance of MFC'ing SHA256 and 512 in RELENG_7 ? It's > > > currently not there. > > "not there" as in "not supported by crypt(3)"? > If you put in sha256|sha512 in passwd_format, the passwd that gets > c

Re: Default password hash

2012-06-11 Thread Simon L. B. Nielsen
On Mon, Jun 11, 2012 at 11:44 AM, Lev Serebryakov wrote: > Hello, Simon. > You wrote 10 June 2012, 14:02:50: > > SLBN> Has anyone looked at how long the SHA512 password hashing > SLBN> actually takes on modern computers? > Modern computers are not what you should be afraid of. Modern GPUs are. >

Re: Default password hash

2012-06-11 Thread Simon L. B. Nielsen
On Sun, Jun 10, 2012 at 3:53 PM, Gleb Kurtsou wrote: > On (10/06/2012 11:02), Simon L. B. Nielsen wrote: >> >> On 8 Jun 2012, at 13:51, Dag-Erling Smørgrav wrote: >> >> > We still have MD5 as our default password hash, even though known-hash >> > attacks against MD5 are relatively easy these days.

Re: Default password hash

2012-06-11 Thread Lars Engels
On Mon, Jun 11, 2012 at 10:51:45AM +0200, Dag-Erling Smørgrav wrote: > Damian Weber writes: > > *collision* attacks are relatively easy these days, but against 1 MD5, > > not against 1000 times MD5 > > I'm not talking about collision attacks, I'm talking about brute-forcing > hashes. > > > ther

Re: Default password hash

2012-06-11 Thread Mike Tancsa
On 6/11/2012 4:48 AM, Dag-Erling Smørgrav wrote: > Mike Tancsa writes: >> Actually, any chance of MFC'ing SHA256 and 512 in RELENG_7 ? It's >> currently not there. > > "not there" as in "not supported by crypt(3)"? If you put in sha256|sha512 in passwd_format, the passwd that gets chosen is DES,

Re: Default password hash

2012-06-11 Thread Lev Serebryakov
Hello, Simon. You wrote 10 June 2012, 14:02:50: SLBN> Has anyone looked at how long the SHA512 password hashing SLBN> actually takes on modern computers? Modern computers are not what you should be afraid of. Modern GPUs are. And they are incredibly fast in calculation of MD5, SHA-1 and SHA-2.

Re: Default password hash

2012-06-11 Thread Dag-Erling Smørgrav
Lars Engels writes: > BTW Solaris 10 and 11 support our Blowfish algorithm, Solaris 10 >= 10/08 > supports SHA256 and SHA512 and SHA256 was made the default algorithm in > Solaris 11. > Some Linux variants support Blowfish and from glibc 2.7 on they have > support for SHA256 and SHA512. > > So the

Re: blf uses only 2^4 round for passwd encoding?! [Re: Default password hash]

2012-06-11 Thread Dag-Erling Smørgrav
Oliver Pinter writes: > 16 rounds in 2012? It is not too weak?! Perhaps. I don't see how that affects sha512. DES -- Dag-Erling Smørgrav - d...@des.no

Re: Default password hash

2012-06-11 Thread Dag-Erling Smørgrav
Damian Weber writes: > *collision* attacks are relatively easy these days, but against 1 MD5, > not against 1000 times MD5 I'm not talking about collision attacks, I'm talking about brute-forcing hashes. > there is a NIST hash competition running, the winner will soon be announced > (and it won

Re: Default password hash

2012-06-11 Thread Dag-Erling Smørgrav
Mike Tancsa writes: > Actually, any chance of MFC'ing SHA256 and 512 in RELENG_7 ? It's > currently not there. "not there" as in "not supported by crypt(3)"? > http://phk.freebsd.dk/sagas/md5crypt_eol.html That blog entry is (partly) why I suggested this change. I think phk is being overly pes