mailing list archives
Re: passwd hashing algorithm
From: casper () fwi uva nl (Casper Dik)
Date: Fri, 14 Apr 1995 12:32:45 +0200
I think you're off base. :) The weakness involves the speed
with which you can des data. Doing to 3des means you (roughly) triple
the attack time, which means that in about 2 years, we'll be back
where we are today. Remember that Crack doesn't really crack
passwords, it just tries to send in lots of passwords, and see when
the output matches.
Using triple des for instead does not increase crack time at all.
crypt(3) is 25-fold des, so triple des would give an 8-fold increase
in crack speed. Using triple des will severely weaken the password
(Note that the crypt(3) algorithm doesn't "encrypt" the password, it
uses the passowrd to encrypt an all 0 bits plain text 25 times with
a lightly modified des.)
What you want is a strong authenticating function; something
that the user can do to demonstrate identity (and possibly possession)
to a server. I doubt that reusable passwords are up to the task,
unless you're using some solid encryption client. If you're going to
build a smart client, you might as well build in smart authentication.
Correct. Challenge/response systems are probably best, as they need
not require the remote terminal to have any intelligence at all.
You need to carry your "challenge responder (token card, skey list)"
with you though. Running encrypted sessions over the internet will require
much more from the remote end. And it'll require some form of cooperation from