current-users: Re: PROPOSAL: adding capability for blowfish passwords

Subject: Re: PROPOSAL: adding capability for blowfish passwords
To: Steven M. Bellovin <smb@research.att.com>
From: None <itojun@iijlab.net>
List: current-users
Date: 05/24/2002 08:23:12

>My suggested algorithm is this:
>
>	s = salt;	/* or s = hmac_sha512(site-specific-string, salt); */
>	for (i = 0; i < num_iterations; i++)
>		s = hmac_sha512(password, s);

	hmm.  i see.  we should implement $2$ as openbsd does (there's no need
	to be different), and the above algorithm can become $3$.

itojun