| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGKxTURb4VqRPTtJHALkRnpS4t_WF72HTstn=hF+WfWu=cRP=Q@mail.gmail.com> Date: Mon, 14 Sep 2015 15:49:29 +1000 From: Christian Heinrich <christian.heinrich@...h.id.au> To: discussions@...sword-hashing.net Subject: Re: [PHC] CynoPrime finds AM src.code flaws, AND YOU KNOW WHAT HAPPENS NEXT Alexander, http://cynosureprime.blogspot.com.au/2015/09/csp-our-take-on-cracked-am-passwords.html On Sun, Sep 13, 2015 at 9:24 PM, Solar Designer <solar@...nwall.com> wrote: > On Sun, Sep 13, 2015 at 03:16:34PM +1000, Christian Heinrich wrote: > This API is new with 5.5. bcrypt was available via crypt() since 5.3. http://www.openwall.com/lists/announce/2011/06/21/1 well played sir and I stand corrected :) Aside from length, is there any other weaknesses when the string is truncated to 72 characters? -- Regards, Christian Heinrich http://cmlh.id.au/contact
Powered by blists - more mailing lists