On 2015-09-15 08:20, Etienne Champetier wrote:
> Hi,
>
> On 15 Sept. 2015 01:40, "Felix Fietkau" <n...@openwrt.org> wrote:
>>
>> On 2015-09-15 00:22, Etienne Champetier wrote:
>> > Hi Felix,
>> >
>> > Maybe we should keep sha512 and switch to it? md5 is not best security
>> > practice these days.
>> I don't see the point. It's true that for file integrity purposes, md5
>> is weaker than sha512, but for salted passwords it should not make much
>> of a practical difference. Cryptographic attacks against MD5 don't work
>> here, brute force is still the fastest way to crack those.
>
> Yep, and there is a 100x between md5 and sha512, so it does matter a bit
> http://blog.codinghorror.com/speed-hashing/
If you're interested in making passwords hard to crack, switching to
SHA512 is an almost pointless band-aid, not a real fix. In the world of
cryptography, a 100x increase isn't exactly a lot.
If you want to make passwords really hard to crack, you could make the
code use something like PBKDF2...

>> > I've checked, ubuntu 14.04 and fedora 22 both use sha512 in /etc/shadow
>> Not a very convincing reason for me. The impractical aspect of switching
>> password hashing algorithms is that we then need to support both the new
>> one and the old one for a long time.
> If 5k is the cost of some more security, I'm personally OK to pay the price
If you propose a real fix (e.g. using a hash that was not designed to be
fast), I will have no problem with adding a few kilobytes of bloat...

- Felix

_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
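The point argued in the thread, as an added example that is not part of the original messages and not OpenWrt or busybox code: against a salted single-round hash, every guess costs the attacker exactly one hash computation, so replacing MD5 with SHA-512 only changes the brute-force rate by a constant factor, whereas PBKDF2 multiplies the per-guess cost by a tunable iteration count. The storage strings below ("salted$..." and "pbkdf2$...") are a format constructed for this example, not the crypt(3) "$1$"/"$6$" formats found in /etc/shadow; the sample password and the helper names (`hash_salted`, `hash_pbkdf2`, `verify`, `guesses_per_second`, `calibrate_iterations`) are likewise the example's own. The rates it prints are for one core of the machine running it; the ratio between the single-round and the PBKDF2 line is the thing to look at.

```python
"""Added example: cost per password guess for fast hashes vs. PBKDF2.

Not code from the openwrt-devel thread or from OpenWrt/busybox; the storage
format and helper names are constructed for this illustration only.
"""
import base64
import hashlib
import hmac
import os
import time
from typing import Optional

# Constructed storage formats (NOT crypt(3)'s "$1$"/"$6$" /etc/shadow formats):
#   salted$<algo>$<salt_b64>$<digest_b64>           one round of algo(salt || password)
#   pbkdf2$<prf>$<iterations>$<salt_b64>$<dk_b64>   PBKDF2-HMAC-<prf>, <iterations> rounds


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.b64decode(text)


def hash_salted(password: bytes, algo: str = "md5", salt: Optional[bytes] = None) -> str:
    """One round of a fast hash over salt||password. The salt defeats precomputed
    tables, but every guess still costs the attacker a single hash call."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.new(algo, salt + password).digest()
    return "$".join(["salted", algo, _b64(salt), _b64(digest)])


def hash_pbkdf2(password: bytes, iterations: int = 200_000, prf: str = "sha512",
                salt: Optional[bytes] = None) -> str:
    """PBKDF2-HMAC: each guess costs the attacker `iterations` HMAC computations."""
    if iterations < 1:
        raise ValueError("iterations must be positive")
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac(prf, password, salt, iterations, dklen=32)
    return "$".join(["pbkdf2", prf, str(iterations), _b64(salt), _b64(dk)])


def verify(password: bytes, stored: str) -> bool:
    """Recompute the stored hash with the stored salt/cost and compare in constant time."""
    parts = stored.split("$")
    if parts[0] == "salted" and len(parts) == 4:
        _, algo, salt_b64, digest_b64 = parts
        candidate = hashlib.new(algo, _unb64(salt_b64) + password).digest()
        return hmac.compare_digest(candidate, _unb64(digest_b64))
    if parts[0] == "pbkdf2" and len(parts) == 5:
        _, prf, iterations, salt_b64, dk_b64 = parts
        expected = _unb64(dk_b64)
        candidate = hashlib.pbkdf2_hmac(prf, password, _unb64(salt_b64),
                                        int(iterations), dklen=len(expected))
        return hmac.compare_digest(candidate, expected)
    raise ValueError("unrecognised hash format")


def guesses_per_second(stored: str, budget: float = 0.25) -> float:
    """How fast this machine can test candidates against `stored` through the
    verify path, i.e. a single-core brute-force rate. Always runs at least one
    verify() call, even when one call alone exceeds the time budget."""
    count = 0
    start = time.perf_counter()
    while True:
        verify(b"wrong-guess-%d" % count, stored)  # constructed wrong guesses
        count += 1
        elapsed = time.perf_counter() - start
        if elapsed >= budget:
            return count / elapsed


def calibrate_iterations(target_seconds: float, prf: str = "sha512", floor: int = 10_000) -> int:
    """Pick a PBKDF2 iteration count costing about target_seconds on this machine,
    never below `floor`. Login latency is the price paid for attacker cost, so
    calibrate on the deployment hardware: a router CPU is far slower than a build box."""
    probe = 10_000
    start = time.perf_counter()
    hashlib.pbkdf2_hmac(prf, b"probe", b"\x00" * 16, probe, dklen=32)
    per_iteration = (time.perf_counter() - start) / probe
    return max(floor, int(target_seconds / per_iteration))


if __name__ == "__main__":
    pw = b"correct horse battery staple"  # constructed sample password
    for label, stored in [
        ("salted md5", hash_salted(pw, "md5")),
        ("salted sha512", hash_salted(pw, "sha512")),
        ("pbkdf2-sha512 x200000", hash_pbkdf2(pw, 200_000)),
    ]:
        assert verify(pw, stored) and not verify(b"password", stored)
        print(f"{label:24s} {guesses_per_second(stored):14,.0f} guesses/s")
    print("PBKDF2 iterations for ~0.1 s per login on this CPU:", calibrate_iterations(0.1))
```

Run it as a script: the two "salted" lines differ from each other by a small constant factor (the MD5-vs-SHA-512 gap), while the PBKDF2 line is slower by roughly its iteration count. That factor is what an attacker's wordlist run is divided by, and it is chosen by the defender rather than fixed by the hash function.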