[opensuse-security] ::crypt system call slow for blowfish encryption
Hi All, As learned from various sources on the internet, a modified version of blowfish uses key stretching to fight dictionary attacks for passwords. I would request somebody to confirm that, the slowness of the crypt system call in SuSE for blowfish is due to the same reason or similar. Thanks. -- Regards, Ashay W. Buradkar -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
On Fri, Apr 27, 2012 at 08:56:07PM +0530, Ashay Buradkar wrote:
Hi All,
As learned from various sources on the internet, a modified version of blowfish uses key stretching to fight dictionary attacks for passwords.
I would request somebody to confirm that, the slowness of the crypt system call in SuSE for blowfish is due to the same reason or similar.
Yes, thats the case. Currently we run 10 rounds: BLOWFISH_CRYPT_FILES=10 Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
participants (2)
-
Ashay Buradkar -
Marcus Meissner