current-users: Re: PROPOSAL: adding capability for blowfish passwords

Subject: Re: PROPOSAL: adding capability for blowfish passwords
To: Simon Burge <simonb@wasabisystems.com>
From: Steven M. Bellovin <smb@research.att.com>
List: current-users
Date: 05/23/2002 20:38:32

In message <20020524000244.51CCA53E7F@thoreau.thistledown.com.au>, Simon Burge 
writes:
>"Steven M. Bellovin" wrote:
>
>> If you want to 
>> add a new scheme, SHA512 would be a much better choice.
>
>Something SHA based, or something AES based?

SHA -- in particular, the 512-bit version of SHA2.  See
http://csrc.nist.gov/encryption/shs/dfips-180-2.pdf (note that it's 
still a draft FIPS).

		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com ("Firewalls" book)