blf uses only 2^4 round for passwd encoding?! [Re: Default
password hash]
Oliver Pinter
oliver.pntr at gmail.com
Mon Jun 11 00:03:48 UTC 2012
On 6/11/12, RW <rwmaillists at googlemail.com> wrote:
> On Mon, 11 Jun 2012 00:37:30 +0200
> Oliver Pinter wrote:
>
>
>> 16 rounds in 2012? It is not to weak?!
>
> It's hard to say. Remember that blowfish was designed as a cipher not
> a hash. It's designed to be fast, but to still resist known plaintext
> attacks at the beginning of the ciphertext. It was also designed to
> work directly with a passphrase because there was a history of
> programmers abusing DES by using simple ascii passwords as keys.
>
> For these reasons initialization is deliberately expensive,
> effectively it already contains an element of passphrase hashing.
Yes, I know that the blowfish is a cipher and not hash, but I think 16
round today is too small. I checked this in a freshly installed
openbsd, and they used 256 round ($2a$08$...) .
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
>
More information about the freebsd-security
mailing list