> I once posted a better algorithm than this [...]... but it never got > adopted, and anyway, MD5 or SHA1 is a much better bet. Years ago, I did an MD5-based crypt(3) for NetBSD. I've been using it ever since. I believe it is significantly better for several reasons. One, of course, is that it's nonstandard and hence not vulnerable to stock crack-alikes - but quite aside from that, it has benefits: - MD5 is of clearer US export status than DES (even encryption-only DES engines can be used for data secrecy if you use CFB or OFB). - The salt is large enough for the foreseeable future (128 bits). - The round count is a parameter and is stored as part of the hash (meaning, there's no compatability issue involved with raising this as CPUs get faster). - The hash format is extensible (it begins with a version number). Of course, *any* hash except the "standard" traditional one may introduce compatability problems if it's shared with NIS (nee YP) or moral equivalent. I will be happy to send a copy of the code, or a text description of the algorithm, to anyone who wants one. der Mouse mouseat_private 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:38:51 PDT