Poul-Henning Kamp wrote:
In message <20020325130131.T20936@isnic.is>, Olafur Osvaldsson writes:
auth: MD5-PW 4aabd3dbc0746c8a4b5467f99a4f8524
Why not use md5 crypt which is already used on many operating systems for passwords?
auth: MD5-PW $1$sD9e4pQn$1832L4.BxsZHusy0plg8i0
The source can be found here:
http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libcrypt/crypt-md5.c
I agree that a salt makes dictionary attacks very hard if not impossible. And this is a good argument in favour of Olafur's and Poul-Henning's proposal.

My main concern here would be that basing the proposed method on an implementation (md5-crypt), which may change or may be mixed with some other implementation, rather than on the documented algorithm (md5 hash), which cannot, may cause confusion in the future.

And, as a side question from a person far from cryptography, is it a proved fact that the iterative complexity of md5-crypt makes the hash better?

Regards,

Andrei Robachevsky
RIPE NCC