Firewall Wizards mailing list archives
RE: strong passwords (was Radius/MS ISA stuff)
From: Paul Robertson <proberts () patriot net>
Date: Mon, 8 Jul 2002 11:40:14 -0400 (EDT)
On Mon, 8 Jul 2002, Ben Nagy wrote:
I think that finding any MD5 collision is not a useful work comparison to guessing a specific password. Also, we already know that the collision thing (birthday attack) is the area of MD5 operation that crypto geeks are most worried about.
I'm sorry- I don't get this- if you find either a collison or the password, don't you have the appropriate data to be able to authenticate since either will produce the same hash?
[...]Until then, I'd appreciate any other insights people have.Let's look at it upside down (I should have approached it this way from the start). For a completely random hex password it's a pure 4 bits of entropy per byte.[1] Completely random typeables comes out at 6.55 something bits for my 94 character keyboard. Let's say that order 2^64 is still "safe" for work attacks (that's an arbitrary figure I Just Made Up. I get to do that because it's my email.).
Ha! 2^64 is the "strength" of MD5 given collisions, methinkis the number is more significant than "just made up!" SHA1 is good for 2^128, I've always wondered why all the crypto geeks didn't go to SHA1 for password hashes.
practice. (Although I do routinely use md5sums of random things for VPN shared secrets).
The key (NPI) is that for things where the hash vaule is likely to be sent in the clear or snarfed from a filesystem (.htaccess, /etc/password...) it's questionable if we get much protection from the hash (if any.)
because of mathy exponential goodness. There you go - now you can write
No point here, I just like having "mathy exponential goodness" in my message too ;) Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () patriot net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Radius access from provider to internal MS ISA Server Christoph Steigmeier (Jul 04)
- Re: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 04)
- RE: Radius access from provider to internal MS ISA Server Ben Nagy (Jul 05)
- RE: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 05)
- Re: Radius access from provider to internal MS ISA Server Kyle R. Hofmann (Jul 05)
- Re: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 05)
- RE: Radius access from provider to internal MS ISA Server Ben Nagy (Jul 07)
- RE: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 07)
- RE: strong passwords (was Radius/MS ISA stuff) Ben Nagy (Jul 08)
- RE: strong passwords (was Radius/MS ISA stuff) Paul Robertson (Jul 08)
- Re: strong passwords (was Radius/MS ISA stuff) Barney Wolff (Jul 08)
- RE: Radius access from provider to internal MS ISA Server Ben Nagy (Jul 05)
- RE: strong passwords (was Radius/MS ISA stuff) Bill Royds (Jul 08)
- Re: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 04)
- RE: Radius access from provider to internal MS ISA Server R. DuFresne (Jul 06)
- RE: Radius access from provider to internal MS ISA Server Bill Royds (Jul 06)
- RE: Radius access from provider to internal MS ISA Server Ben Nagy (Jul 07)