Subject: Re: crypt(3)
To: None <firstname.lastname@example.org>
From: Christopher Klaus <email@example.com>
Date: 11/15/1994 11:10:35
> Tim Newsham says:
> > > If this _is_ because of export restrictions, would anyone be interested
> > > in a one-way function for passwords that I built on top of md5? Since
> > > it has nothing to do with any encryption method, it should be fully
> > > exportable from everywhere.
> > Do it. Exportability would not be the only plus with using md5.
> Replacing crypt(3) with MD5, if done properly (i.e., a salt was still
> there, arbitrary length passwords were now permitted) would be a great
> boon for everyone, not just those overseas.
Talking to newsham on IRC on the #netbsd channel, I pointed out that md5 is a
lot faster to compute than des, so pw cracking would be easier. newsham
pointed out that you can take the nth of the md5 string. So, it might be a good
idea to include with the salt a variable for taking the md5 to the nth,
so that cracking with big dictionaries isn't dramatically sped up.
Christopher William Klaus Voice: (404)518-0099. Fax: (404)518-0030
Internet Security Systems, Inc. Computer Security Consulting
2209 Summit Place Drive, Atlanta, GA. 30350-2450.
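
The idea in the message above, an iteration count stored alongside the salt, sketched as an added example that is not part of the original message or of any system's actual password format. The `rounds$salt$digest` record layout, the function names and the `MAX_ROUNDS` cap are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

MAX_ROUNDS = 1_000_000  # assumed cap: a tampered record must not stall login


def stretch(password: bytes, salt: bytes, rounds: int) -> bytes:
    """Salted MD5 fed back into itself `rounds` times."""
    if not 1 <= rounds <= MAX_ROUNDS:
        raise ValueError("rounds out of range")
    digest = hashlib.md5(salt + password).digest()
    for _ in range(rounds - 1):
        # Mix salt and password into every round, so each guess costs
        # `rounds` MD5 computations instead of one.
        digest = hashlib.md5(digest + salt + password).digest()
    return digest


def make_record(password: str, rounds: int = 1000,
                salt: Optional[bytes] = None) -> str:
    """Build 'rounds$salt$digest'; the count travels with the salt."""
    salt = os.urandom(8) if salt is None else salt
    digest = stretch(password.encode(), salt, rounds)
    return f"{rounds}${salt.hex()}${digest.hex()}"


def parse_record(record: str) -> Tuple[int, bytes, bytes]:
    rounds_s, salt_hex, digest_hex = record.split("$")
    rounds = int(rounds_s)
    if not 1 <= rounds <= MAX_ROUNDS:
        raise ValueError("rounds out of range")
    return rounds, bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)


def verify(password: str, record: str) -> bool:
    """Recompute with the stored salt and count; compare in constant time."""
    rounds, salt, expected = parse_record(record)
    return hmac.compare_digest(stretch(password.encode(), salt, rounds), expected)


def needs_upgrade(record: str, target_rounds: int) -> bool:
    """True when a record was made with fewer rounds than current policy,
    so it can be re-hashed at the user's next successful login."""
    return parse_record(record)[0] < target_rounds
```

Because the count is stored per record, it can be raised as hardware gets faster without invalidating existing entries.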