mailing list archives
Re: passwd hashing algorithm
From: perry () imsi com (Perry E. Metzger)
Date: Fri, 14 Apr 1995 20:21:28 -0400
Rick Busdiecker says:
From: Adam Shostack <adam () bwh harvard edu>
Date: Thu, 13 Apr 1995 13:23:03 -0400 (EDT)
Doing to 3des means you (roughly) triple the attack time, which
means that in about 2 years, we'll be back where we are today.
This does not fit with my understanding of 3DES. I thought that 3DES
effectively tripled the key size, i. e. you have to derive three DES
keys simultaneously in order to crack.
The point is, however, that DES isn't used in crypt(3) as a cipher but
as a weird hash function over an eight byte value, the password, and
you aren't increasing this password's size so you aren't really
improving the situation. Changing things so that the password could be
much longer would actually help, however. A salted MD5 or SHA of a
much longer passphrase space WOULD be more secure because brute force
searches would actually be harder.