Password hashing

james hughes hughejp at mac.com
Fri Oct 12 01:49:16 EDT 2007


I forgot to add the links...
	http://people.redhat.com/drepper/sha-crypt.html
	http://people.redhat.com/drepper/SHA-crypt.txt

On Oct 11, 2007, at 10:19 PM, james hughes wrote:

> A proposal for a new password hashing based on SHA-256 or SHA-512  
> has been proposed by RedHat but to my knowledge has not had any  
> rigorous analysis. The motivation for this is to replace MD-5 based  
> password hashing at banks where MD-5 is on the list of "do not use"  
> algorithms. I would prefer not to have the discussion "MD-5 is good  
> enough for this algorithm" since it is not an argument that the  
> customers requesting these changes are going to accept.
>
> Jim
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20071011/5220c600/attachment.html>


More information about the cryptography mailing list