[1494] in bugtraq
Re: passwd hashing algorithm
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Sat Apr 15 19:50:37 1995
To: Rick Busdiecker <rfb@lehman.com>
Cc: Adam Shostack <adam@bwh.harvard.edu>, Full Disclosure <bugtraq@fc.net>
In-Reply-To: Your message of "Fri, 14 Apr 1995 12:30:05 EDT."
<9504141630.AA27432@cfdevx1.lehman.com>
Reply-To: perry@imsi.com
Date: Fri, 14 Apr 1995 20:21:28 -0400
From: "Perry E. Metzger" <perry@imsi.com>
Rick Busdiecker says:
> From: Adam Shostack <adam@bwh.harvard.edu>
> Date: Thu, 13 Apr 1995 13:23:03 -0400 (EDT)
>
> Doing to 3des means you (roughly) triple the attack time, which
> means that in about 2 years, we'll be back where we are today.
>
> This does not fit with my understanding of 3DES. I thought that 3DES
> effectively tripled the key size, i. e. you have to derive three DES
> keys simultaneously in order to crack.
The point is, however, that DES isn't used in crypt(3) as a cipher but
as a weird hash function over an eight byte value, the password, and
you aren't increasing this password's size so you aren't really
improving the situation. Changing things so that the password could be
much longer would actually help, however. A salted MD5 or SHA of a
much longer passphrase space WOULD be more secure because brute force
searches would actually be harder.
Perry
