From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/1494 Path: news.gmane.org!not-for-mail From: Rich Felker Newsgroups: gmane.linux.lib.musl.general Subject: Re: crypt* files in crypt directory Date: Thu, 9 Aug 2012 18:08:25 -0400 Message-ID: <20120809220825.GV27715@brightrain.aerifal.cx> References: <20120808044235.GA22470@openwall.com> <20120808075233.GJ30810@port70.net> <20120808130622.GJ27715@brightrain.aerifal.cx> <20120809015104.GA24515@openwall.com> <20120809032527.GN27715@brightrain.aerifal.cx> <20120809040432.GA24985@openwall.com> <20120809054804.GO27715@brightrain.aerifal.cx> <20120809155254.GA28303@openwall.com> <20120809211736.GT27715@brightrain.aerifal.cx> <20120809214431.GA29233@openwall.com> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Trace: dough.gmane.org 1344550067 17080 80.91.229.3 (9 Aug 2012 22:07:47 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Thu, 9 Aug 2012 22:07:47 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-1495-gllmg-musl=m.gmane.org@lists.openwall.com Fri Aug 10 00:07:47 2012 Return-path: Envelope-to: gllmg-musl@plane.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by plane.gmane.org with smtp (Exim 4.69) (envelope-from ) id 1SzatN-0000UJ-2u for gllmg-musl@plane.gmane.org; Fri, 10 Aug 2012 00:07:45 +0200 Original-Received: (qmail 15467 invoked by uid 550); 9 Aug 2012 22:07:43 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: Original-Received: (qmail 15452 invoked from network); 9 Aug 2012 22:07:43 -0000 Content-Disposition: inline In-Reply-To: <20120809214431.GA29233@openwall.com> User-Agent: Mutt/1.5.21 (2010-09-15) Xref: news.gmane.org gmane.linux.lib.musl.general:1494 Archived-At: On Fri, Aug 10, 2012 at 01:44:31AM +0400, Solar Designer wrote: > On Thu, Aug 09, 2012 at 05:17:36PM -0400, Rich Felker wrote: > > After some casual tests, I would say somewhere around 16 is > > appropriate as the absolute upper cut-off, and 12-14 is probably the > > "point a good bit lower" we're aiming for. Anyone else have opinions > > on this? Information on what's in common use in the wild? (I would > > guess 4-8 is typical in the wild..) > > 4-12 exist in the wild for password authentication, larger values are > sometimes seen for other uses (you may choose not to support such uses). Then 12 is probably not a good cut-off, which is frustrating because 12 is getting to the point where it's unreasonable load on a mid-range system (takes ½ sec on my atom). > I think the defaults are as follows: > > Solaris - $2a$04 once bcrypt is enabled (it is not by default) > CommuniGate Pro - $2a$05, ditto > OpenBSD - $2a$08 for root, $2a$06 for non-root > Owl - $2y$08 for all by default > openSUSE - $2y$10 for all by default Thanks, very informative. > An example use other than password authentication: > > http://crypto.stackexchange.com/questions/1765/can-i-construct-a-zero-knowledge-proof-that-i-solved-a-project-euler-problem > > This has $2a$16 and $2a$20 samples. > > The paper and slides on scrypt compare it against bcrypt at up to $2a$16 > ("tuned for file encryption"). I think this potentially needs to be something we just don't support. I can see the interest in being able to use crypt as a general purpose hashing API, but I think I'd have a hard time convincing myself to prioritize that over ensuring bounded runtime. Rich