lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 16 Mar 2014 07:17:24 +0000
From: "Poul-Henning Kamp" <>
To:, Bill Cox <>
Subject: Re: [PHC] So what exactly happened to cause the PHC?

In message <>, Bill Cox writes:

>I think I read a year-ish (or two) ago that the author of MD5 was
>giving up maintaining the *nix /etc/password code because he couldn't
>get anyone to let him fix it, and it clearly is so out of date that it
>would make anyone interested in security go nuts.  Is this right?  My
>memory is infamous for it's flaws.

No, it was more like me yelling really hard to get people to stop using
an almost 20 year old password-scrambler I had written, because they
needed something stronger.

To what extent that influenced the PHC, if at all, I don't know,
but the original instigators can probably clear that up ?

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@...eBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Powered by blists - more mailing lists