Vulnerability Development mailing list archives
Re: OpenSSH Password Question
From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Mon, 11 Dec 2000 12:15:48 +0100
Assume you use strong passwords with a-zA-Z0-9 and 8 characters long passwords. You get 36^8 possible different passwords, [...]a-zA-Z0-9 is 62, no? So it'd be 62^8?
Yep, must have been asleep while typing. The assumption was based on
a-z0-9 or something. And yes, you are right on crypt() being 64 bits.
Silly me! :)
Anyway, looked at the bcrypt papers pointers were refering to? If the
scheme is considered to be safe by cryptographers, it's one pretty neat
idea, adding a factor of 2^cost [where cost is an variable] to the time
complexity of the algorithm.
..:::::::::::::::::::::::::::::::::::::::::::::::::..
http://www.11a.nu || http://bluefish.11a.nu
eleventh alliance development & security team
http://www.eff.org/cafe
Current thread:
- OpenSSH Password Question Erik Tayler (Dec 09)
- Re: OpenSSH Password Question Gordon Messmer (Dec 09)
- Re: OpenSSH Password Question White Vampire (Dec 10)
- Re: OpenSSH Password Question Daniel Jacobowitz (Dec 09)
- Re: OpenSSH Password Question Bill Weiss (Dec 10)
- Re: OpenSSH Password Question Erik Tayler (Dec 10)
- Re: OpenSSH Password Question Markus Friedl (Dec 10)
- Re: OpenSSH Password Question Bluefish (P.Magnusson) (Dec 11)
- Re: OpenSSH Password Question Markus Friedl (Dec 11)
- Re: OpenSSH Password Question Bennett Todd (Dec 12)
- Re: OpenSSH Password Question Bluefish (P.Magnusson) (Dec 12)
- Re: OpenSSH Password Question Bluefish (P.Magnusson) (Dec 11)
- Re: OpenSSH Password Question Gordon Messmer (Dec 09)
- <Possible follow-ups>
- Re: OpenSSH Password Question Vitaly McLain (Dec 10)
- Re: OpenSSH Password Question Matt Rose (Dec 10)
- Re: OpenSSH Password Question Vitaly McLain (Dec 11)
- Re: OpenSSH Password Question Matt Rose (Dec 10)