This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

MD5 proposal

Previous message (by thread): MD5 proposal
Next message (by thread): MD5 proposal

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrei Robachevsky andrei at ripe.net
Wed Mar 27 17:50:02 CET 2002

Poul-Henning Kamp wrote:

> In message <20020325130131.T20936 at isnic.is>, Olafur Osvaldsson writes:
> 
> 
>>>auth:             MD5-PW 4aabd3dbc0746c8a4b5467f99a4f8524
>>>
>>>
>>Why not use md5 crypt wich is already used on many operating systems for
>>passwords?
>>
>>auth:             MD5-PW $1$sD9e4pQn$1832L4.BxsZHusy0plg8i0
>>
> 
> The source can be found here:
> 
>    http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libcrypt/crypt-md5.c
>

I agree that a salt makes dictionary attacks very hard if not 
impossible. And this is good argument in favour of the Olafur's and 
Poul-Henning's proposal.

My main concern here would be that basing the proposed method on an 
implementation (md5-crypt), which may change or may be mixed with some 
other implementation, rather than on the documented algorithm (md5 
hash), which cannot, may cause confusion in the future.

And, as a side question from a person far from cryptography, is it a 
proved fact that iterative complexity of md5-crypt makes the hash better?

Regards,

Andrei Robachevsky
RIPE NCC

Previous message (by thread): MD5 proposal
Next message (by thread): MD5 proposal

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ db-wg Archives ]