Bug #1681

closed

MD5 password hash

Added by robin.carey1 about 14 years ago. Updated over 13 years ago.

Status: Closed
Priority: Low
Assignee: -
Category: -
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:

Description

In the DFLY Handbook, it states that DragonFly uses MD5 for creating
password entries/hashes (/etc/passwd).

I would like to point out that MD5 is old and considered broken.

Therefore, I suggest upgrading DragonFly to use either SHA-1, or SHA-2. Out
of the two options I would recommend SHA-2, since problems have been
identified in SHA-1.

It does say in Wikipedia, that Unix/Linux vendors are migrating to use SHA-2
for password hashes (256-bit and 512-bit).

PS It says in Wikipedia that MD5 "should be considered cryptographically
broken and unsuitable for further use", and that US government applications
are required to move to SHA-2 by 2010.


Files

unnamed (825 Bytes) unnamed robin.carey1, 02/20/2010 05:02 PM
Actions #1

Updated by dillon about 14 years ago

:In the DFLY Handbook, it states that DragonFly uses MD5 for creating
:password entries/hashes (/etc/passwd).
:
:I would like to point out that MD5 is old and considered broken.
:
:Therefore, I suggest upgrading DragonFly to use either SHA-1, or SHA-2. Out
:of the two options I would recommend SHA-2, since problems have been
:identified in SHA-1.
:
:It does say in Wikipedia, that Unix/Linux vendors are migrating to use SHA-2
:for password hashes (256-bit and 512-bit).
:
:PS It says in Wikipedia that MD5 "should be considered cryptographically
:broken and unsuitable for further use", and that US government applications
:are required to move to SHA-2 by 2010.
:
:--
:Sincerely,
:Robin Carey

Well... if someone wants to add another encryption method that's fine
w/me. Nobody should be using plaintext passwords for remote access
anyway since most attacks don't even bother trying to decrypt any more,
they just run against a dictionary.
-Matt
Actions #2

Updated by robgar over 13 years ago

Yes, MD5 is considered broken, and it is broken in a practical sense. We need
to do this and change the default. Even though people shouldn't... you know the
rest of the story.

Actions #3

Updated by alexh over 13 years ago

I've done a bit of research and the changes that are needed are the following:
1) add support for sha2 (256, 384, 512?) to lib/libcrypt.
2) modify the #define PASSWORD_HASH in lib/pam_module/pam_unix/pam_unix.c to the new hash to be used
3) modify the default passwd_format in /etc/login.conf

Overall quite a minor task that I think would be even suitable for google code-in. Any
further comments on this?

Regards,
Alex Hornung

Actions #4

Updated by alexh over 13 years ago

For whatever it's worth, I submitted this as a google code-in task [1]. Hopefully
it'll get done by the famous $someone.

Cheers,
Alex

[1]: http://www.google-melange.com/gci/task/show/google/gci2010/dragonflybsd/t129101576849

Actions #5

Updated by sgeorge.ml over 13 years ago

On Sun, Feb 21, 2010 at 6:31 AM, Matthew Dillon wrote:

   Well... if someone wants to add another encryption method that's fine
   w/me.  Nobody should be using plaintext passwords for remote access
   anyway since most attacks don't even bother trying to decrypt any more,
   they just run against a dictionary.

The password-hashing method used in OpenBSD uses an algorithm derived
from Blowfish that makes use of the slow key schedule; the idea is
that the extra computational effort required gives protection against
dictionary attacks.

http://en.wikipedia.org/wiki/Blowfish_%28cipher%29

thanks :-)

--Siju

Actions #6

Updated by alexh over 13 years ago

Committed in 6737f3b945f8531f8d5934dfaad3b4bb4a48b739.
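
A follow-up check for the three steps listed in the thread: changing the default `passwd_format` only affects passwords set afterwards, so entries hashed earlier keep their MD5 form until the password is changed. The script below is an added example, not code from the thread or the DragonFly tree; its prefix table follows the common crypt(3) modular format (`$1$`, `$2`, `$5$`, `$6$`), which is an assumption for any particular system, and the sample lines are constructed.

```python
# Added example: list accounts whose stored hash predates a stronger default.
# Assumption: scheme prefixes follow the common crypt(3) modular format;
# verify them against the libcrypt of the system being audited.
SCHEMES = [
    ("$1$", "md5"),
    ("$2", "blowfish"),   # $2$, $2a$, $2b$, ...
    ("$5$", "sha256"),
    ("$6$", "sha512"),
]
WEAK = {"md5", "des", "empty"}

def classify(pw_field):
    """Return the scheme name for one password field of a passwd-style line."""
    if pw_field == "":
        return "empty"                    # no password set at all
    if pw_field.startswith(("*", "!")):
        return "locked"                   # login disabled, nothing to crack
    for prefix, name in SCHEMES:
        if pw_field.startswith(prefix):
            return name
    if pw_field.startswith("$"):
        return "unknown"                  # modular format, prefix not in table
    return "des"                          # traditional or '_' extended DES

def audit(lines):
    """Return [(user, scheme)] for entries that should be re-hashed."""
    findings = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue                      # malformed line, skip
        scheme = classify(fields[1])
        if scheme in WEAK:
            findings.append((fields[0], scheme))
    return findings

# Constructed master.passwd-style sample; the hashes are placeholders.
SAMPLE = """\
root:$6$CONSTRUCTED$placeholderhash:0:0::0:0:Charlie &:/root:/bin/csh
alice:$1$CONSTRUC$placeholderhash:1001:1001::0:0:Alice:/home/alice:/bin/sh
bob:$2a$08$placeholderplaceholder:1002:1002::0:0:Bob:/home/bob:/bin/sh
daemon:*:1:1::0:0:Owner of many system processes:/root:/sbin/nologin
carol:XXplaceholder:1003:1003::0:0:Carol:/home/carol:/bin/sh
""".splitlines()

if __name__ == "__main__":
    for user, scheme in audit(SAMPLE):
        print(f"{user}: {scheme} entry, re-hash by changing the password")
```

Entries reported as `unknown` are not flagged; review them by hand if the system uses prefixes outside the table.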
