From: Fergal Daly (fergal at domain esatclear.ie)
Date: Mon 18 Jun 2001 - 16:18:18 IST
On Mon, Jun 18, 2001 at 01:20:07PM +0100, Justin Mason wrote:
> > I was thinking of using UNIX crypt as the one-way and XORing in chunks (with
> > a binary rather than ASCII version of the PIN) as the reversible method.
> It sounds good. I would use stronger encryption, however; it doesn't hurt
> and the source is freely available. For example, use md5 passwords for
> the one-way hash, and use a symmetric algorithm, like Blowfish (or Twofish
> or Rijndael) for the reversible method. Using just XOR is way too fast to
> be safe ;)

The way I was thinking, the encrypted UNIX password isn't really open to
brute force attack as there's no way to know if you've got the right answer
without actually trying to authenticate or testing it against the 1-way. So
the speed of the 2-way algorithm isn't important, unless you know that the
passwords are already using a particular subset of ASCII, in which case you
can do a lot of elimination just using the 2-way.

It is more important for the 1-way. Assuming people only use about 64
different characters for passwords, that's 48 bits, whereas a 10-digit PIN is
about 32 bits, so whatever 1-way algo I pick would ideally be at least 65536
times more expensive to compute than UNIX crypt... Any idea of the relative
speeds of these algos?
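
The elimination described in the message can be measured. This is an added example, not part of the original post: it counts how many 10-digit PINs still decrypt an XOR-protected password into a known character set. The key layout (5-byte big-endian binary PIN, repeated), the 64-character alphabet and the sample password and PIN are all assumptions made for the illustration.

```python
import math
import string

# Assumed 64-character alphabet; the message only says "about 64 different characters".
ALPHABET = set((string.ascii_letters + string.digits + "./").encode())
PIN_SPACE = 10 ** 10   # 10-digit PIN
KEY_LEN = 5            # 10**10 < 2**40, so the binary PIN fits in 5 bytes (assumed layout)


def xor_with_pin(data: bytes, pin: int) -> bytes:
    """Assumed reversible method: XOR with the big-endian binary PIN, repeated."""
    key = pin.to_bytes(KEY_LEN, "big")
    return bytes(b ^ key[i % KEY_LEN] for i, b in enumerate(data))


def key_byte_candidates(ciphertext: bytes) -> list[set[int]]:
    """Per key-byte position, keep the values that decrypt every byte into ALPHABET."""
    return [
        {k for k in range(256) if all(c ^ k in ALPHABET for c in ciphertext[j::KEY_LEN])}
        for j in range(KEY_LEN)
    ]


def count_below(cands: list[set[int]], bound: int) -> int:
    """Count keys built from cands whose big-endian integer value is < bound."""
    if not cands:
        return 0  # every byte matched the bound exactly, so not strictly below
    shift = 8 * (len(cands) - 1)
    top, rest = bound >> shift, bound & ((1 << shift) - 1)
    free = math.prod(len(s) for s in cands[1:])
    total = sum(free for k in cands[0] if k < top)
    if top in cands[0]:
        total += count_below(cands[1:], rest)
    return total


def remaining_pin_bits(ciphertext: bytes) -> float:
    """log2 of the PINs still consistent with the character-set assumption."""
    return math.log2(count_below(key_byte_candidates(ciphertext), PIN_SPACE))


if __name__ == "__main__":
    ct = xor_with_pin(b"s3cr3tPw", 4815162342)  # constructed sample password and PIN
    print(f"PIN space:               {math.log2(PIN_SPACE):.1f} bits")
    print(f"after charset filtering: {remaining_pin_bits(ct):.1f} bits")
```

Because XOR acts byte by byte, each key byte is filtered independently, so the PIN space shrinks without any call to the 1-way hash or the authentication service.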
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:10:43 GMT