[Cryptography] The proper way to hash password files
Dave Horsfall
dave at horsfall.org
Sun May 25 17:39:03 EDT 2014
On Thu, 22 May 2014, Phillip Hallam-Baker wrote:
> It occurs to me that most of the time, machines do password files wrong.
> Rather than using a salted hash, a better approach would be to use a MAC
> with a randomly chosen key that is never disclosed.
Giggle. In the really early days of Unix, passwords were stored in the
clear, in a world-unreadable file, but using a temporary file for
intermediate processing. Then, one day, it picked the same file as did a
text editor, and the emperor suddenly had no clothes... Major oops.
Thus was born the Enigma scheme with an extra rotor, and then salted DES;
looks like FreeBSD is using MD5. I really have to find that article.
I vaguely recall reading somewhere that even MD5 has been broken, and
that we should be using AES, as recommended by the good folks at the CIA.
The trouble with computers is that they keep getting faster...
Double giggle: in my Uni days, word quickly got around that to get the
system password on the CDC Cyber, you merely had to interrupt a process at
just the right time. I was almost caught, when the department head and
the computer manager walked into the terminal room, discussing this very
problem.
-- Dave, who will strenuously deny that he wrote the above
More information about the cryptography
mailing list