Message-ID: <20100803155541.GA660@openwall.com>
Date: Tue, 3 Aug 2010 19:55:41 +0400
From: Solar Designer <solar@...nwall.com>
To: HD Moore <HD_Moore@...id7.com>
Cc: "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>
Subject: Re: [R7-0035] VxWorks Authentication Library Weak Password Hashing

On Mon, Aug 02, 2010 at 11:55:05PM -0400, HD Moore wrote:
> -- Vendor Response:
> Wind River Systems has notified their customers of the issue and
> suggested that each downstream vendor replace the existing hash
> implementation with SHA512 or SHA256.

Like, without salting and stretching/strengthening?  That's not the best
suggestion.  I try to explain this without going into too much detail here:

http://www.openwall.com/articles/PHP-Users-Passwords#salting

At this time, vendors should implement either bcrypt (Blowfish-based):

http://www.openwall.com/crypt/

or SHA-crypt (usually the kind of it based on SHA-512, because that
makes better use of 64-bit CPUs):

http://www.akkadia.org/drepper/sha-crypt.html

There's almost no security difference between these two.  Both should
be replaced with something even better eventually - along the lines of
scrypt (adding more parallelism and configurable memory cost) - but
we're not ready for that yet (no peer-reviewed and agreed upon
implementation to recommend to vendors, even though some ideas in this
area have been floating around since the 1990s).

Alexander
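As an added example, not part of the message above or of any vendor's code: the bare SHA-512 that the vendor response amounts to, beside a salted and stretched scheme with a verify routine. The message recommends bcrypt or SHA-crypt; this stand-in uses PBKDF2-HMAC-SHA512 from Python's standard library because it runs offline without a crypt(3) library and still shows the two properties the message asks for, a per-user random salt and a configurable cost. The `$pbkdf2-sha512$` label, the function names and the sample passwords are assumptions.

```python
import base64
import binascii
import hashlib
import hmac
import os
from typing import Optional

SCHEME = "pbkdf2-sha512"  # assumed local label, not a standard crypt(3) identifier


def weak_sha512(password: str) -> str:
    """Unsalted, unstretched SHA-512: equal passwords give equal hashes,
    one precomputed table serves every user, and each guess costs one hash."""
    return hashlib.sha512(password.encode("utf-8")).hexdigest()


def hash_password(password: str, rounds: int = 200_000,
                  salt: Optional[bytes] = None) -> str:
    """Salted and stretched stand-in for bcrypt/SHA-crypt: random 16-byte salt,
    iteration count stored with the hash so it can be raised later."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, rounds)
    return "$%s$%d$%s$%s" % (SCHEME, rounds,
                             base64.b64encode(salt).decode("ascii"),
                             base64.b64encode(dk).decode("ascii"))


def verify_password(password: str, stored: str) -> bool:
    """Re-derive with the stored salt and rounds; constant-time compare."""
    try:
        _, scheme, rounds, salt_b64, dk_b64 = stored.split("$")
        if scheme != SCHEME:
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(dk_b64)
        actual = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"),
                                     salt, int(rounds))
    except (ValueError, binascii.Error):
        return False
    return hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    # Constructed sample: two accounts that happen to share a password.
    alice, bob = "correct horse", "correct horse"
    print("weak hashes equal:", weak_sha512(alice) == weak_sha512(bob))   # True
    h_alice, h_bob = hash_password(alice), hash_password(bob)
    print("salted hashes equal:", h_alice == h_bob)                        # False
    print("verify ok:", verify_password(bob, h_alice))                     # True
```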
