Bugtraq mailing list archives

Re: passwd hashing algorithm

From: smb () research att com (smb () research att com)
Date: Fri, 14 Apr 95 08:33:16 EDT


         My take on this is that encryption is NOT the way to go.
         This would mean that there exists a key that could decrypt the
         entire password file.  On this count triple DES is no better
         than regular DES.  From my understanding the MD5 would work
         well.  It is non-reversible.

In the current scheme, DES is used as a one-way function; the password
file is non-invertible.  See the Morris and Thompson paper.

Current thread:

Re: passwd hashing algorithm don () paranoia com (Apr 13)
- Re: passwd hashing algorithm Perry E. Metzger (Apr 13)
- Re: passwd hashing algorithm Jon Peatfield (Apr 15)
  - Re: passwd hashing algorithm Timothy Newsham (Apr 17)
- <Possible follow-ups>
- Re: passwd hashing algorithm Louis Taber (Apr 13)
  - Re: passwd hashing algorithm maquis (Apr 14)
    - Re: passwd hashing algorithm John F. Haugh II (Apr 16)
  - Re: passwd hashing algorithm Charles Howes (Apr 14)
- Re: passwd hashing algorithm der Mouse (Apr 14)
- Re: passwd hashing algorithm smb () research att com (Apr 14)
- Re: passwd hashing algorithm Dennis Glatting (Apr 15)
- Re: passwd hashing algorithm smb () research att com (Apr 16)
  - Re: passwd hashing algorithm David A. Wagner (Apr 17)
    - Re: passwd hashing algorithm John F. Haugh II (Apr 18)
    - Re: passwd hashing algorithm David A. Wagner (Apr 18)
    - Re: passwd hashing algorithm Charlie Watt (Apr 19)
    - Re: passwd hashing algorithm Tom Fitzgerald (Apr 19)
    - Re: passwd hashing algorithm Charlie Watt (Apr 20)
    - The Dan Farmer rap Julian Assange (Apr 17)
    - Re: The Dan Farmer rap Jonathan M. Bresler (Apr 20)

(Thread continues...)