Making it pluggable is probably not much more work but I have to point out that "use sha256" is an inadequate description of a secure password hashing protocol.
B.

On 6 July 2011 14:05, Benoit Chesneau <[email protected]> wrote:
> On Wed, Jul 6, 2011 at 2:43 PM, Robert Newson <[email protected]> wrote:
>> All,
>>
>> Our current password hashing scheme is weak. In fact, it's regarded as
>> weak as plaintext. I'd like to change that.
>>
>> Some time ago I wrote some code to implement the PBKDF2 protocol. This
>> is a cryptographically sound means of deriving a key from a password.
>> The output is also usable as a password hash. An important part of the
>> protocol is that the work factor can be increased by increasing the
>> loop count. Additionally, it is not tied to a specific digest
>> algorithm. All these points are not true of the sometimes proposed
>> alternative called 'bcrypt' which I do not recommend.
>>
>> I would like this to go into CouchDB 1.2. New passwords, and updated
>> passwords, from 1.2 onwards would use the new scheme, but 1.2 will,
>> obviously, be able to verify the current style. This work will take
>> place within couch_server where hash_admin_passwords currently lives.
>>
>> The PBKDF2 code is here:
>> https://github.com/rnewson/couchdb/tree/pbkdf2. It passes all the test
>> vectors.
>>
>> The ticket for this work is
>> https://issues.apache.org/jira/browse/COUCHDB-1060
>>
>> B.
>>
> That sounds good. I would prefer however a customizable hashing method
> for passwords so we can change it easily depending on the target. Some
> administrations for example require that you use some methods (like
> sha256 in Europe) and it would be very useful.
>
> - benoît
>
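
Added example, not part of the original thread and not the code in the linked branch: PBKDF2 password hashing in Python where the stored record carries the digest name, iteration count and salt, so the digest stays pluggable and the work factor can be raised later. The record format, the allowed-digest list and the default iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed storage format (an assumption, not CouchDB's own):
#   pbkdf2$<digest>$<iterations>$<salt hex>$<derived key hex>
ALLOWED_DIGESTS = ("sha1", "sha256", "sha512")  # pluggable, but from a fixed list
DEFAULT_DIGEST = "sha256"
DEFAULT_ITERATIONS = 100_000  # illustrative work factor, tune per deployment


def hash_password(password, digest=DEFAULT_DIGEST,
                  iterations=DEFAULT_ITERATIONS, salt=None):
    """Derive a key with PBKDF2-HMAC-<digest>; return a self-describing record."""
    if digest not in ALLOWED_DIGESTS:
        raise ValueError("unsupported digest: %r" % digest)
    salt = os.urandom(16) if salt is None else salt
    key = hashlib.pbkdf2_hmac(digest, password.encode("utf-8"), salt, iterations)
    return "$".join(("pbkdf2", digest, str(iterations), salt.hex(), key.hex()))


def _parse(stored):
    # Wrong field count, bad hex or a non-numeric count all raise ValueError.
    scheme, digest, iterations, salt_hex, key_hex = stored.split("$")
    if scheme != "pbkdf2" or digest not in ALLOWED_DIGESTS:
        raise ValueError("unrecognised record")
    return digest, int(iterations), bytes.fromhex(salt_hex), bytes.fromhex(key_hex)


def verify_password(password, stored):
    """Recompute with the parameters in the record; compare in constant time."""
    try:
        digest, iterations, salt, key = _parse(stored)
        candidate = hashlib.pbkdf2_hmac(digest, password.encode("utf-8"),
                                        salt, iterations)
    except (ValueError, OverflowError):
        return False  # a malformed or unsupported record never verifies
    return hmac.compare_digest(candidate, key)


def needs_rehash(stored):
    """True when a verified record should be re-hashed with current settings."""
    try:
        digest, iterations, _salt, _key = _parse(stored)
    except ValueError:
        return True
    return digest != DEFAULT_DIGEST or iterations < DEFAULT_ITERATIONS
```

Calling `needs_rehash` after a successful `verify_password` at login is one way to move old records to a higher loop count or a different digest without forcing a password reset.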
