In message <3CA1F83A.80802@ripe.net>, Andrei Robachevsky writes:
My main concern here would be that basing the proposed method on an implementation (md5-crypt), which may change or may be mixed with some other implementation, rather than on the documented algorithm (md5 hash), which cannot, may cause confusion in the future.
The implementation will not change, it would screw all cisco router enable passwords and most FreeBSD passwords.
And, as a side question from a person far from cryptography, is it a proved fact that iterative complexity of md5-crypt makes the hash better?
It makes dictionary attacks harder and more timeconsuming, it also makes it harder to do hardware implementations because you need many times more hardware. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.