Re: strong passwords (was Radius/MS ISA stuff)

[Barney Wolff <barney () tp databus com>]

You're looking at the wrong number.  The Birthday Paradox means that
*if you have 2^64 things* you've got about a 50:50 chance of finding two
that hash to the same value.  But you still have to look at about
2^127 things to find one with a hash equal to a desired one.  You're
much wiser to attack the password itself than MD5.

CHAP demands good passwords.  As a practical matter, that means a
random system-assigned password, kept on the client's computer, rather
than a user-chosen password.  If the client's computer has been hacked,
the keystroke monitor will capture a user-entered password, no matter
how good, so there's little added risk in letting the computer keep it.

The trouble with letting the ISP accept any <joeshmo () bigcorp com> and
doing the real authentication later via IPsec or equivalent is that
there is no standard way for bigcorp's authentication server to then
tell the ISP to disconnect the caller.

On Mon, Jul 08, 2002 at 11:40:14AM -0400, Paul Robertson wrote:
> Ha!  2^64 is the "strength" of MD5 given collisions, methinkis the number 
> is more significant than "just made up!"  SHA1 is good for 2^128, I've 
> always wondered why all the crypto geeks didn't go to SHA1 for password 
> hashes.

-- 
Barney Wolff
I never met a computer I didn't like.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards