lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 16 Mar 2014 07:17:24 +0000 From: "Poul-Henning Kamp" <phk@....freebsd.dk> To: discussions@...sword-hashing.net, Bill Cox <waywardgeek@...il.com> Subject: Re: [PHC] So what exactly happened to cause the PHC? In message <CAOLP8p5fY9OEj9WrmVYCiUTH1_-9BoSUZSAAEHESzWB7AST6Qg@...l.gmail.com>, Bill Cox writes: >I think I read a year-ish (or two) ago that the author of MD5 was >giving up maintaining the *nix /etc/password code because he couldn't >get anyone to let him fix it, and it clearly is so out of date that it >would make anyone interested in security go nuts. Is this right? My >memory is infamous for it's flaws. No, it was more like me yelling really hard to get people to stop using an almost 20 year old password-scrambler I had written, because they needed something stronger. To what extent that influenced the PHC, if at all, I don't know, but the original instigators can probably clear that up ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@...eBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Powered by blists - more mailing lists