DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=31440>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=31440 ------- Additional Comments From [EMAIL PROTECTED] 2008-01-27 15:05 ------- > Andreas, I think you're on the right track, but your patch only adds the > appearance of greater randomness. The core problem here is poor seeding of the > PRNG. Every salted output from htpasswd starts with using time() to feed > srand(). Even with your patch, htpasswd will always use the same seed at the > any given time. This is not a matter of randomness (or at least that was not my point), it's a matter of how the salt of the hash looks like. With the old method (which I fixed with my patch from 2004), an attacker could base a precomputation attack on the assumption that the salt only has 32 bits, even though the format would allow up to 48 bits of salt. Of course, even with 32 bits of salt, a precomputation still seems quite infeasible, but it still doesn't exhaust the possible maximum of 48 bits of salt (which obviously must have been in the mind of the original authors, otherwise they would have spread the 32 bits of rand() to 6 bytes instead of 8 bytes). And that was the original point of my patch. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
