On 20/08/10 00:12, Jonathan Leybovich wrote: >> Tim Starling wrote: >> >> So the time has probably come for us to come up with a "C" type >> password hashing scheme, to replace the B-type hashes that we use >> at the moment. > > What about using public key cryptography? Generate a key-pair and > use the "public" key to produce your password hashes. Store the > private key offline in an underground vault just in case someday > you'll need to recover the original passwords in order to rehash > them. Needless to say the key-pair must be entirely for internal > use and not already part of some PKI system (i.e. the basis for one > of Wikimedia's signed SSL certificates).
You don't need to store the original passwords in a recoverable form in order to rehash them. You can just apply extra hashing to the old hash. This is how the A->B transition worked, and it's how the B->C transition should work too, unless someone knows of some kind of cryptographic problem with it. It's a convenient method because it saves the cost of underground vaults, with no loss in security. -- Tim Starling _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
