mailing list archives
Re: passwd hashing algorithm
From: adam () bwh harvard edu (Adam Shostack)
Date: Fri, 14 Apr 1995 13:06:33 -0400 (EDT)
| From: Adam Shostack <adam () bwh harvard edu>
| Date: Thu, 13 Apr 1995 13:23:03 -0400 (EDT)
| Doing to 3des means you (roughly) triple the attack time, which
| means that in about 2 years, we'll be back where we are today.
| This does not fit with my understanding of 3DES. I thought that 3DES
| effectively tripled the key size, i. e. you have to derive three DES
3des doubles the effective keysize (not triples because of the
birthday problem--see Schneier for details.) I was assuming the 3
keys would be the same, since theres no place to store an extra key in
the passwd file, and the original poster seemed to want to maintain
But, if you have reusable passwords (of any quality) over the
net, you need to be encrypting the session. If you've got a smart
client to do the session encryption, you might as well use a
challenge/response system while you're at it.
I'm assuming here that roving people will not always carry
their own key, and thus, there is an option to only use the server's
public key in negotiations for confidentiality, and use some c/r
mechanism for authentication.
"It is seldom that liberty of any kind is lost all at once."