On Wed, Mar 10, 1999 at 05:44:40PM -0500, der Mouse wrote: > > I once posted a better algorithm than this [...]... but it never got > > adopted, and anyway, MD5 or SHA1 is a much better bet. > > Years ago, I did an MD5-based crypt(3) for NetBSD. I've been using it > ever since. I believe it is significantly better for several reasons. > One, of course, is that it's nonstandard and hence not vulnerable to > stock crack-alikes... FreeBSD has used MD5 in its crypt(3) algorithm for several years. I believe it was already there in the 2.0 release around 1994. (It does give you the option, at install time, of using DES instead.) The cryptographic benefits are probably still sound, but I would assume that Crack tools try both MD5 and DES on their dictionaries. There are enough FreeBSD systems using MD5 on the net to make it worth the crackers' while. -- Regards, Tim Pierce RootsWeb Genealogical Data Cooperative system obfuscator and hack-of-all-trades
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:38:55 PDT