On 08/15/2012 11:48 AM, Bruce Momjian wrote:
On Wed, Aug 15, 2012 at 11:37:04AM -0400, Andrew Dunstan wrote:
On 08/15/2012 11:22 AM, Joe Conway wrote:
On 08/15/2012 06:48 AM, Tom Lane wrote:
On Wed, Aug 15, 2012 at 6:11 AM, Bruce Momjian <br...@momjian.us> wrote:
Is there a TODO here?
If anybody's concerned about the security of our password storage,
they'd be much better off working on improving the length and randomness
of the salt string than replacing the md5 hash per se.
Or change to an md5 HMAC rather than straight md5 with salt. Last I
checked (which admittedly was a while ago) there were still no known
cryptographic weaknesses associated with an HMAC based on md5.
Possibly. I still think the right time to revisit this whole area
will be when the NIST Hash Function competition ends supposedly
later this year. See
<http://csrc.nist.gov/groups/ST/hash/timeline.html>. At that time we
should probably consider moving our password handling to use the new
standard function.
Are we really going to be comforable with a algorithm that is new?
The only thing that will be new about it will be that it's the new
standard. There is a reason these crypto function competitions runs for
quite a few years.
cheers
andrew
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
