Hi! On Wed, 16 Aug 2000, Kurt Seifried wrote:
Yeah, and I just bought a 60gig HD for $219 US, it's insane (that and I have a half dozen PIII coppermine systems to crunch the data, I figure <1 week to generate the database). Hmm, something to do on the weekend maybe =) (with a web interface too, heeeee).
Yes... would be nice... maybe you could even sell your services over the web... the credit card software is in the SuSE 6.4 pay-directory :o)
I guess it's time to replace crypt() with a more modern algorithm. OpenBSD uses eks-Blowfish, which seems to do the job wonderfully. Would it be possible to implement this in SuSE Linux? I guess with PAM this should not be too much work. Also I'd think that when implementing it in PAM as an option there should not be any serious compatibility problems. Did anybody try this yet? If not I'm willing to invest some time in it in the near future...
RedHat moved to MD5 quite some time ago. I'm rather shocked SuSE hasn't.
Indeed. Although MD5 is not the best solution either. Of course any password algorithm is only sufficiently strong for a couple of years, although some algorithms may be expected to "live" longer than others. See for example crypt() which was uncrackable by even supercomputers in 1976, but is a piece of cake nowadays.

Of the algorithms I know Bruce Schneier's (1994) Blowfish would have my preference because it can be expected to be too expensive to crack (computationally speaking) for a much longer time than - for example - MD5. Even better would be Niels Provos and David Mazieres' (unpubl. ms.) adaptation eks-Blowfish (expensive key schedule Blowfish) because the computational cost can be set by the user or administrator to easily and transparently adapt to increasing processor power.

Also several people (most notably B. den Boer & A. Bosselaers (1994)) have demonstrated several weaknesses in MD5. It has been shown, among other things, that MD5 fails in one of its most important design issues: creation of a collision-resistant compression function. The compression function in MD5 is far from collision-resistant, and although I do not know of an easy way to abuse these weaknesses in MD5, other people might. And if not it's probably only a matter of time until someone creates an exploit. Because of these issues I would prefer using another algorithm if at all possible.

Cheers!
Yuri.

PS. For those among you that are interested in cryptanalysis: full references to cited papers are available upon request.

--------------------------------------------------------------------------
drs. Yuri Robbers                  phone : +31-71-527-4966
Leiden University                  fax   : +31-71-527-4900
Institute for Theoretical Biology  email : robbers@rulsfb.leidenuniv.nl
Kaiserstraat 63                    PGP 5.0 public key available:
2311 GP Leiden                     Check your favourite hkp server.
the Netherlands
--------------------------------------------------------------------------
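The property Yuri singles out in eks-Blowfish, a cost parameter stored alongside the hash that an administrator can raise as processors get faster while old hashes remain verifiable, can be shown in a few lines. The following is an added illustration, not code from the thread or from OpenBSD's implementation: it is a constructed stand-in whose "expensive" step is 2**cost iterations of SHA-256 (chosen only because it ships with Python, not because it is a substitute for the real eks-Blowfish key schedule), and the `$demo$` hash format, the `needs_rehash` policy check and the `pick_cost` timing loop are my own assumptions about how such a scheme is wired up.

```python
import hashlib
import hmac
import os
import time
from typing import Optional, Tuple

# Constructed stand-in for an adjustable-cost password hash. The real
# eks-Blowfish repeats its expensive key schedule 2**cost times; here the
# expensive step is 2**cost SHA-256 iterations. The mechanism shown is the
# one discussed in the thread: the cost is recorded in the stored hash,
# verification reads it back, and a raised policy cost triggers a rehash.

MIN_COST, MAX_COST = 4, 31


def _work(password: bytes, salt: bytes, cost: int) -> bytes:
    """Iterate the hash 2**cost times so the cost grows exponentially."""
    state = hashlib.sha256(salt + password).digest()
    for _ in range(1 << cost):
        state = hashlib.sha256(state + password).digest()
    return state


def hash_password(password: str, cost: int, salt: Optional[bytes] = None) -> str:
    """Return '$demo$cost=N$<salt hex>$<digest hex>' (format is an assumption)."""
    if not MIN_COST <= cost <= MAX_COST:
        raise ValueError("cost must be between %d and %d" % (MIN_COST, MAX_COST))
    salt = salt if salt is not None else os.urandom(16)
    digest = _work(password.encode("utf-8"), salt, cost)
    return "$demo$cost=%d$%s$%s" % (cost, salt.hex(), digest.hex())


def parse_hash(stored: str) -> Tuple[int, bytes, bytes]:
    """Split a stored hash back into (cost, salt, digest)."""
    _, scheme, cost_field, salt_hex, digest_hex = stored.split("$")
    if scheme != "demo" or not cost_field.startswith("cost="):
        raise ValueError("unrecognised hash format")
    return int(cost_field[len("cost="):]), bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the cost embedded in the hash; compare in constant time."""
    cost, salt, expected = parse_hash(stored)
    actual = _work(password.encode("utf-8"), salt, cost)
    return hmac.compare_digest(actual, expected)


def needs_rehash(stored: str, policy_cost: int) -> bool:
    """True when the stored hash was made with a lower cost than current policy.

    Typical use: on a successful login, if this returns True, call
    hash_password() again with policy_cost and overwrite the stored value,
    which is how the cost is raised transparently over time."""
    cost, _, _ = parse_hash(stored)
    return cost < policy_cost


def pick_cost(target_seconds: float = 0.25, max_cost: int = 20) -> int:
    """Measure this machine and return the largest cost within the time budget."""
    chosen = MIN_COST
    for cost in range(MIN_COST, max_cost + 1):
        start = time.perf_counter()
        _work(b"calibration", b"\x00" * 16, cost)
        if time.perf_counter() - start > target_seconds:
            break
        chosen = cost
    return chosen


def main() -> None:
    old_policy, new_policy = 8, 10
    stored = hash_password("correct horse", old_policy)
    print("stored:", stored)
    print("verify good:", verify_password("correct horse", stored))
    print("verify bad: ", verify_password("wrong horse", stored))
    if needs_rehash(stored, new_policy):
        stored = hash_password("correct horse", new_policy)
        print("rehashed at cost", parse_hash(stored)[0])
    print("cost this machine can afford in 0.25 s:", pick_cost())


if __name__ == "__main__":
    main()
```

Because the cost lives in the hash string rather than in a global setting, a database holding entries made at cost 8 and cost 10 verifies both, and an administrator can raise the policy without a forced password reset; the upgrade happens on the user's next successful login.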