Subject: Re: crypt(3)
To: None <current-users@NetBSD.ORG>
From: Tobias Weingartner <weingart@austin.BrandonU.CA>
List: current-users
Date: 11/16/1994 15:47:14
In message <9411151727.AA02575@snark.imsi.com>, "Perry E. Metzger" writes:
>
> Christopher Klaus says:
> > Talking to newsham on IRC on the #netbsd channel, I pointed out that md5 is a
> > lot faster to compute than des, so pw cracking would be easier. newsham
> > pointed out that you can take nth of the md5 string. so, it might be a good
> > idea to include with the salt, a variable for taking the md5 to the nth
> > so that cracking with big dictionaries aren't dramatically speeded up.
>
> I think increasing the size of the salt to, say, 16 bits or even more,
> would also be effective at discouraging dictionary attacks. Also, with
> arbitrary length passwords dictionary attacks become much less
> practical provided people start to use longer passphrases.
>
Why increase only to 16 bits? How about this format:
------------------------------------------------
| 1 byte salt length | ... salt ... | MD5 Hash |
------------------------------------------------
This ought to keep things pretty secure...
--Toby.
*----------------------------------------------------------------------------*
| Tobias Weingartner | Email: weingart@BrandonU.Ca | Need a Unix sys-admin? |
| Box 27, Beulah, MB |-----------------------------| Send E-Mail for resume, |
| R0M 0B0, Canada | Unix Guru, Admin, Sys-Prgmr | and other details... |
|----------------------------------------------------------------------------|
| %SYSTEM-F-ANARCHISM, The operating system has been overthrown |
*----------------------------------------------------------------------------*
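
The record layout proposed in the message above, combined with the "md5 to the nth" idea from the quoted text, as an added example that is not part of the original thread. The function names, the salt-then-password ordering, the way the hash is re-applied, and passing the round count as a parameter (the proposed layout has no field for it) are all assumptions.

```python
import hashlib
import hmac
import os

MD5_LEN = 16  # MD5 digest size in bytes


def _digest(password: bytes, salt: bytes, rounds: int) -> bytes:
    # Assumption: the salt is prepended to the password and MD5 is then
    # re-applied to its own output; the thread fixes neither detail.
    if rounds < 1:
        raise ValueError("rounds must be >= 1")
    h = hashlib.md5(salt + password).digest()
    for _ in range(rounds - 1):
        h = hashlib.md5(h).digest()
    return h


def pack_record(password: bytes, salt: bytes, rounds: int = 1000) -> bytes:
    # | 1 byte salt length | ... salt ... | MD5 hash |
    if len(salt) > 255:
        raise ValueError("salt length must fit in one byte")
    return bytes([len(salt)]) + salt + _digest(password, salt, rounds)


def parse_record(record: bytes) -> tuple[bytes, bytes]:
    # Reject records whose length byte disagrees with the actual size,
    # so a truncated or padded entry never yields a short salt or hash.
    if not record:
        raise ValueError("empty record")
    salt_len = record[0]
    if len(record) != 1 + salt_len + MD5_LEN:
        raise ValueError("length byte does not match record size")
    return record[1:1 + salt_len], record[1 + salt_len:]


def verify(password: bytes, record: bytes, rounds: int = 1000) -> bool:
    salt, stored = parse_record(record)
    # Constant-time comparison of the recomputed and stored hashes.
    return hmac.compare_digest(_digest(password, salt, rounds), stored)


if __name__ == "__main__":
    # Constructed sample: random 12-byte salt, made-up passphrase.
    rec = pack_record(b"a longer passphrase", os.urandom(12))
    print(rec.hex())
    print(verify(b"a longer passphrase", rec), verify(b"wrong guess", rec))
```

Each extra round multiplies the cost of every dictionary guess by the same factor it costs a legitimate login, and a per-entry salt of this size forces the dictionary to be recomputed for every record.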