Subject: Re: crypt(3)
To: David Maxwell <>
From: Tobias Weingartner <weingart@austin.BrandonU.CA>
List: current-users
Date: 11/16/1994 16:13:34
In message <>, David Maxwell writes:
> I'm not a cryptographer, but someone here said MD5 runs faster than DES, and
> it would require loops the way DES does. If that's our solution then I don't
> think MD5 will be 'much more secure'. I'd rather have an algorithm that ran
> once, than one that runs 25 times. Feeding the output back to the input
> does defeat some types of lexical analysis, but that gain may be overcome
> due to simplicity of the formula. DES may be less secure simple because more
> people have spend more time hacking it than MD5.

Correct me if I am wrong.  DES is insecure because it has a limited
password length, and only a 4096 possible values for the salt.  MD5, if
done right (even DES for that matter) would be extensible, and be much
more secure.

If your password entry looks like:
| 1 byte salt length | ... Salt ... | MD5 Hash |

Where the salt can be up to 256 bytes long (256 * 8 = 2048 bits!), we can
make it *very* unpractical for any sort of dictionary attack to this string.
The only other thing we have to do, is make sure users user passwords longer
than some preset value (admin changable parameter, as well as the salt length).

Since reversing an MD5 hash is impossible (or 'sposed to be), and finding a
message that hashes to the same is also equally hard, we do not have to slow
down the algorithm at all.

To make passwords even more secure, do something like on VMS, where you have
a system dictionary.  When you change your password, it gets added to the system
dictionary, and is not allowed for use within a certain time period again.
This with a little bit of logic to check for pathological cases like changing
only one or two characters will make hacking passwords very hard.

There is no need to slow the password algorithm down.  Why bog down the machine
when you don't have to.  Make the cracking hard (next to impossible), and leave
the speed alone.  If you really have to slow down something, put in a sleep(foo);
wherever you want a pause.  In that way the machine can use that foo seconds
for something more usefull.

Just my $0.02 worth...

| Tobias Weingartner | Email: weingart@BrandonU.Ca | Need a Unix sys-admin?  |
| Box 27, Beulah, MB |-----------------------------| Send E-Mail for resume, |
| R0M 0B0, Canada    | Unix Guru, Admin, Sys-Prgmr | and other details...    |
|      %SYSTEM-F-ANARCHISM, The operating system has been overthrown         |