From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/1455
Path: news.gmane.org!not-for-mail
From: Solar Designer <solar@openwall.com>
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: crypt* files in crypt directory
Date: Wed, 8 Aug 2012 11:24:09 +0400
Message-ID: <20120808072409.GA23439@openwall.com>
References: <alpine.LNX.2.02.1207211701001.1301@localhost.localdomain> <20120808022421.GE27715@brightrain.aerifal.cx> <20120808044235.GA22470@openwall.com> <20120808052844.GF27715@brightrain.aerifal.cx> <20120808062706.GA23135@openwall.com> <CAPLrYETKUwjrV-R6ohPZuDZUXezSMvJM6Dzf7enitPu7gq_2yg@mail.gmail.com>
Reply-To: musl@lists.openwall.com
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: dough.gmane.org 1344410664 22515 80.91.229.3 (8 Aug 2012 07:24:24 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Wed, 8 Aug 2012 07:24:24 +0000 (UTC)
To: musl@lists.openwall.com
Original-X-From: musl-return-1456-gllmg-musl=m.gmane.org@lists.openwall.com Wed Aug 08 09:24:24 2012
Return-path: <musl-return-1456-gllmg-musl=m.gmane.org@lists.openwall.com>
Envelope-to: gllmg-musl@plane.gmane.org
Original-Received: from mother.openwall.net ([195.42.179.200])
	by plane.gmane.org with smtp (Exim 4.69)
	(envelope-from <musl-return-1456-gllmg-musl=m.gmane.org@lists.openwall.com>)
	id 1Sz0cx-0008HV-4V
	for gllmg-musl@plane.gmane.org; Wed, 08 Aug 2012 09:24:23 +0200
Original-Received: (qmail 26509 invoked by uid 550); 8 Aug 2012 07:24:18 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
Original-Received: (qmail 26482 invoked from network); 8 Aug 2012 07:24:14 -0000
Content-Disposition: inline
In-Reply-To: <CAPLrYETKUwjrV-R6ohPZuDZUXezSMvJM6Dzf7enitPu7gq_2yg@mail.gmail.com>
User-Agent: Mutt/1.4.2.3i
Xref: news.gmane.org gmane.linux.lib.musl.general:1455
Archived-At: <http://permalink.gmane.org/gmane.linux.lib.musl.general/1455>

On Wed, Aug 08, 2012 at 09:03:00AM +0200, Daniel Cegie?ka wrote:
> If closer to upstream, it would be preferable to use scrypt:
> http://www.tarsnap.com/scrypt.html

Huh?  As far as I'm aware, there's still no crypt(3) encoding syntax
defined for scrypt (which is intended primarily as a KDF rather than a
password hashing method for servers), so we'd have to devise our own.
How is that "closer to upstream"?

It does make sense to use scrypt for password hashing, but how exactly
that will be done and whether it'll be scrypt or something future
inspired by scrypt and others is not clear yet:

http://www.openwall.com/lists/crypt-dev/2011/05/12/4
http://www.openwall.com/lists/crypt-dev/2012/08/07/1

Alexander