At 8:26 AM -0700 6/4/99, Arnold G. Reinhold wrote:
At 9:18 AM +1000 6/2/99, Greg Rose wrote:
(IMHO the design decision that would most profitably have changed was the
limitation to 8 character passwords, not the salt.
I agree with you here, though as Steve Bellovin pointed out, hashing hadn't
At 9:18 AM +1000 6/2/99, Greg Rose wrote:
At 16:38 1/06/99 -0400, it was written: [by Arnold Reinhold]
...
I would argue that UNIX is an excellent object lesson for John's point. 12
bits was a bad design decision, even in the 70's.
I take exception to this last statement. The design (of the
At 16:38 1/06/99 -0400, it was written:
At 11:48 AM -0400 6/1/99, Steven M. Bellovin replied to John Kelsey
[EMAIL PROTECTED] message:
Why 32 bits? Salts are good, and often cheap, but I'm curious what your
rationale is. Traditionally, a salt serves two purposes: to increase the
expense (CPU
