lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 22 Mar 2014 11:17:34 +0100
From: Christian Forler <>
Subject: Re: [PHC] Transforming hash to different cost setting

On 22.03.2014 10:39, Krisztián Pintér wrote:
> Christian Forler (at Saturday, March 22, 2014, 10:32:45 AM):
>> This reasonable assumption implies that profit oriented companies will
>> not delete old password hashes.
> they also won't use expensive password hashes or forward secrecy.
> except if the customer demands it. not necessarily in form of a piece
> of technology they don't even understand. but for example in form of
> badges. imagine something like "Forler Security seal of approval". if
> it has value, and sooner or later it will, those profit oriented
> companies will start using everything you say to them.

OK. Assume company X sells a very successful userDB. For to the sake of
PR. they change the every decade the default password hashing algorithm
(PHA), eg, version 1.0 is shipepd with md5crypt as default PHA and
version 12.0 with sha512crypt as PHA.

Suppose X has done a great job and replace md5crypt hashes with
sha512crypt hashes when possible, i.e, each time when an old user logs
in, her md5crypt hash will be converted into an sha512crypt hash.

Unfortunately, the md5crypt password hashes of inactive users are not
updated. :-(

Users/costumers of userDB are not really involved in this process.

Companies will accept a transparency no-effort solution which improves
the password hash security of their users. The will not delete old user

There are many userDB which contain password hashes of several PHAs
(NULL-hashes, crypt-hashes, md5-hashes, md5crypt-hashes, ...).

BTW. You can replace "userDB" by "operating system" or any other thingy
which stores password hashes.

Best regards,

Download attachment "signature.asc" of type "application/pgp-signature" (535 bytes)

Powered by blists - more mailing lists