Password hashing

Jun-ichiro itojun Hagino itojun at itojun.org
Sat Oct 13 00:33:56 EDT 2007


> A proposal for a new password hashing based on SHA-256 or SHA-512 has  
> been proposed by RedHat but to my knowledge has not had any rigorous  
> analysis. The motivation for this is to replace MD-5 based password  
> hashing at banks where MD-5 is on the list of "do not use" algorithms.  
> I would prefer not to have the discussion "MD-5 is good enough for  
> this algorithm" since it is not an argument that the customers  
> requesting these changes are going to accept.

	blowfish anyone?
	http://www.usenix.org/events/usenix99/provos/provos_html/

itojun

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list