Re: [twsocket] MD5 passwords

Sat, 21 Nov 2009 18:48:40 -0800 

For who cares about it, its called "freeBSD md5 crypt" or "unix md5 crypt".

some text i had lying around
MD5 crypt was written by Poul-Henning Kamp for FreeBSD. The main reason for using MD5 was to avoid problems with American export prohibitions on cryptographic products, and to allow for a longer password length than the 8 characters used by DES crypt. The password length is restricted only by MD5's maximum message size of 264 bits. The salt can vary from 12 to 48 bits.
MD5 crypt hashes the password and salt in a number of different combinations to slow down the evaluation speed. Some steps in the algorithm make it doubtful that the scheme was designed from a cryptographic point of view--for instance, the binary representation of the password length at some point determines which data is hashed, for every zero bit the first byte of the password and for every set bit the first byte of a previous hash computation.
The output is the concatenation of the version identifier ``$1$'', the salt, a ``$'' separator, and the 128-bit hash output.
MD5 crypt places virtually no limit on the size of passwords, while bcrypt has a maximum of 55 bytes. We do not consider this a serious limitation of bcrypt, however. Not only are users unlikely to choose such long passwords, but if they did, MD5 crypt's 128-bit output size would become the limiting factor in security. A brute force attacker could more easily find short strings hashing to the same value as a user's password than guess the actual password. Finally, like DES crypt, MD5 crypt has fixed cost.
On Sat, 21 Nov 2009 20:24:16 +0100, Ruud Kerstens <ruud.kerst...@hotmail.com> wrote: 



the password 'test' should generate : $1$/mMVthpE$sgNAe9PaR0ORB1YCc1CVq1
The server i need these hashed passwords for is freeradius, however on that site is no real information about this. As you can see the $1$ seems to tell the server it is encrypted, as i understood. 
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to