Subject: Re: PROPOSAL: adding capability for blowfish passwords
To: None <firstname.lastname@example.org>
From: Perry E. Metzger <email@example.com>
Date: 05/24/2002 11:36:09
> >My suggested algorithm is this:
> > s = salt; /* or s = hmac_sha512(site-specific-string, salt); */
> > for (i = 0; i < num_iterations; i++)
> > s = hmac_sha512(password, s);
> hmm. i see. we should implement $2$ as openbsd does (there's no need
> to be different), and the above algorithm can become $3$.
the $3$ notion is probably an idea to mention on bsd-api-discuss...
Perry E. Metzger firstname.lastname@example.org
NetBSD: The right OS for your embedded design. http://www.wasabisystems.com/