From: Solar Designer
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: crypt* files in crypt directory
Date: Fri, 10 Aug 2012 01:44:31 +0400
Message-ID: <20120809214431.GA29233@openwall.com>
To: musl@lists.openwall.com

On Thu, Aug 09, 2012 at 05:17:36PM -0400, Rich Felker wrote:
> After some casual tests, I would say somewhere around 16 is
> appropriate as the absolute upper cut-off, and 12-14 is probably the
> "point a good bit lower" we're aiming for. Anyone else have opinions
> on this? Information on what's in common use in the wild? (I would
> guess 4-8 is typical in the wild..)

4-12 exist in the wild for password authentication, larger values are
sometimes seen for other uses (you may choose not to support such uses).

I think the defaults are as follows:

Solaris - $2a$04 once bcrypt is enabled (it is not by default)
CommuniGate Pro - $2a$05, ditto
OpenBSD - $2a$08 for root, $2a$06 for non-root
Owl - $2y$08 for all by default
openSUSE - $2y$10 for all by default

Google web searches also find numerous instances of $2a$12, albeit
mostly in discussions on use of bcrypt from scripts and such.

An example use other than password authentication:

http://crypto.stackexchange.com/questions/1765/can-i-construct-a-zero-knowledge-proof-that-i-solved-a-project-euler-problem

This has $2a$16 and $2a$20 samples.

The paper and slides on scrypt compare it against bcrypt at up to $2a$16
("tuned for file encryption").

Alexander
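The cut-off discussed in this thread, sketched as an added example (not part of the message above and not musl or crypt_blowfish code): it parses the cost field of a bcrypt setting string and refuses costs above a policy limit before any hashing is done. The function names are hypothetical, the limit of 16 is the value floated in the quoted text, and accepting the variant letters a, b, x and y is an assumption of this sketch.

```c
#include <stdio.h>
#include <string.h>

enum verdict { COST_OK, COST_MALFORMED, COST_OUT_OF_RANGE, COST_ABOVE_CUTOFF };

/* Parse the "$2<variant>$NN$" prefix; store NN (log2 of the iteration count). */
static int parse_bcrypt_cost(const char *s, int *cost)
{
    if (!s || strlen(s) < 7) return -1;
    if (s[0] != '$' || s[1] != '2' || !strchr("abxy", s[2])) return -1;
    if (s[3] != '$' || s[6] != '$') return -1;
    if (s[4] < '0' || s[4] > '9' || s[5] < '0' || s[5] > '9') return -1;
    *cost = (s[4] - '0') * 10 + (s[5] - '0');
    return 0;
}

/* cutoff is the local policy limit (inclusive); 4..31 is bcrypt's own range. */
enum verdict check_bcrypt_setting(const char *s, int cutoff)
{
    int cost;
    if (parse_bcrypt_cost(s, &cost) < 0) return COST_MALFORMED;
    if (cost < 4 || cost > 31) return COST_OUT_OF_RANGE;
    if (cost > cutoff) return COST_ABOVE_CUTOFF;
    return COST_OK;
}

int main(void)
{
    /* Constructed inputs: the prefixes named in the thread plus a closing '$'. */
    static const char *const samples[] = {
        "$2a$04$", "$2a$05$", "$2a$06$", "$2y$08$", "$2y$10$",
        "$2a$12$", "$2a$16$", "$2a$20$", "$2a$03$", "$2a$1x$"
    };
    static const char *const names[] = {
        "ok", "malformed", "out of range", "above cutoff"
    };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
        printf("%-8s %s\n", samples[i], names[check_bcrypt_setting(samples[i], 16)]);
    return 0;
}
```

Each step in the cost doubles the work, so a setting string that reaches crypt() from untrusted input needs this check before the key setup starts.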