Bugtraq mailing list archives
Re: passwd hashing algorithm
From: rfb () lehman com (Rick Busdiecker)
Date: Fri, 14 Apr 1995 12:30:05 -0400
From: Adam Shostack <adam () bwh harvard edu>
Date: Thu, 13 Apr 1995 13:23:03 -0400 (EDT)
Doing to 3des means you (roughly) triple the attack time, which
means that in about 2 years, we'll be back where we are today.
This does not fit with my understanding of 3DES. I thought that 3DES
effectively tripled the key size, i. e. you have to derive three DES
keys simultaneously in order to crack. This should make the attack
time significantly greater than 3 times the DES attack time. If it is
merely the case of deriving three keys independently, 3DES is already
useless. Since people often compare the security of 3DES to IDEA, I
don't think that this is the case.
Rick
Current thread:
- Re: UUCP/sendmail configs.. der Mouse (Apr 10)
- Re: UUCP/sendmail configs.. Dave Williss (Apr 11)
- Sendmail 5.65? David Cohen (Apr 11)
- Re: UUCP/sendmail configs.. Mark (Apr 12)
- passwd hashing algorithm Dave Stagner (Apr 13)
- Re: passwd hashing algorithm Adam Shostack (Apr 13)
- Re: passwd hashing algorithm Casper Dik (Apr 14)
- Re: passwd hashing algorithm Rick Busdiecker (Apr 14)
- Re: passwd hashing algorithm Adam Shostack (Apr 14)
- Re: passwd hashing algorithm Perry E. Metzger (Apr 14)
- I wanna get a mailing list... Kim Whi-kang (Apr 15)
- Re: passwd hashing algorithm Robert M. Haas (Apr 15)
- Re: UUCP/sendmail configs.. Dave Williss (Apr 11)