blf uses only 2^4 round for passwd encoding?! [Re: Default
password hash]
RW
rwmaillists at googlemail.com
Sun Jun 10 23:24:10 UTC 2012
On Mon, 11 Jun 2012 00:37:30 +0200
Oliver Pinter wrote:
> 16 rounds in 2012? It is not to weak?!
It's hard to say. Remember that blowfish was designed as a cipher not
a hash. It's designed to be fast, but to still resist known plaintext
attacks at the beginning of the ciphertext. It was also designed to
work directly with a passphrase because there was a history of
programmers abusing DES by using simple ascii passwords as keys.
For these reasons initialization is deliberately expensive,
effectively it already contains an element of passphrase hashing.
More information about the freebsd-security
mailing list