From: "Christian Röpke" [mailto:christian.roepke@directbox.com]
i know, that it is very important to hold my system clean.
yepp :)
but many systems are not clean and then the cracker hasn't any chance to crack the shadow-file, if the passwords are encrypted by des3 or aes.
even des3 and aes are "crackable". it's important to not be able to derive the password from the encrypted string, which means you need one-way hash functions like md5, sha, or whatever you like (sha is considered more secure than md5). if there really is an attack against the md5-algorithm (with real i mean useable agains real live systems) then we're all in big big trouble. most weaknesses of an algorithm are theoratically and [mostly] unuseable against real live systems.
and these algorithms are the state of the art
not 3des or des3 (it's the same) - it's not state of the art, although it's widely used. (it's just des 3 times with 2 different keys (there are 3 possible ways to use the keys: 1-1-2, 1-2-1, 2-1-1), which equals a key-length of 112 bits which is somewhat weak). it is used because of its speed for session-keys, not for passwords.
christian
p.s. : it exits a attack against md5, but i can't describe details at the moment, i ask my prof.
i really want to know more about this attack. please ask your professor and post the details ;-) regards, stefan