Date: Mon, 11 Jul 2011 16:39:08 +0200
From: Ludwig Nussel <ludwig.nussel@...e.de>
To: oss-security@...ts.openwall.com
Cc: Solar Designer <solar@...nwall.com>, Michael Matz <matz@...e.de>,
Thorsten Kukuk <kukuk@...e.de>, Andreas Jaeger <aj@...e.de>,
Zefram <zefram@...h.org>
Subject: Re: CVE request: crypt_blowfish 8-bit character mishandling
Solar Designer wrote:
> [...]
> Also, it brings up the question: why merely use $2a$ running the new
> code rather than fully emulate the bug even for newly set passwords,
> which would make all passwords work, even on other networked machines?
> Sure, that would be even nastier for security, so maybe you managed to
> strike a balance well. But nevertheless the question is there. One of
> your options results in full backwards compatibility at a security cost
> (for the local system), but the other somehow chooses to strike a
> balance between compatibility and security without achieving either of
> these fully (for a network of systems).
>
> Maybe you can afford to drop BLOWFISH_2y to avoid those inconsistencies?
> I imagine that people won't know to enable this option unless/until they
> have already run into an issue anyway (that is, someone is already
> unable to log in). At this point, they could likely upgrade the rest of
> their networked systems as well... or downgrade this one. ;-(
I'm not sure I understand what you are suggesting. Keep using the buggy
algorithm for new passwords and keep storing them as 2a as long as
BLOWFISH_2a2x is turned on?
cu
Ludwig
--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix
Imendörffer, HRB 16746 (AG Nürnberg)
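Added example, not from this thread and not crypt_blowfish's own code: a small C model of the key-expansion loop in the style of crypt_blowfish's BF_set_key, with the signed-char reading behind the 8-bit mishandling beside the correct unsigned reading. The two sample keys are constructed. The explicit `signed char` cast stands in for the platform-dependent signedness of plain `char` (signed on x86), so the model behaves the same everywhere. It shows why a stored `$2a$` hash of a password containing a byte at or above 0x80 cannot declare which reading produced it, which is the ambiguity the compatibility options discussed above are working around.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint32_t BF_word;

/* Model of the loop that turns a NUL-terminated key into the 18 words a
 * Blowfish key schedule XORs into its P-array: the key is consumed
 * cyclically, including its terminating NUL.  With 'buggy' set, each byte
 * is read through a signed char and sign-extended before the OR, which is
 * the crypt_blowfish defect that led to the $2x$ / $2y$ identifiers. */
static void expand_key(const char *key, BF_word out[18], int buggy)
{
    const char *ptr = key;
    for (int i = 0; i < 18; i++) {
        BF_word tmp = 0;
        for (int j = 0; j < 4; j++) {
            tmp <<= 8;
            if (buggy)
                /* a byte >= 0x80 becomes 0xFFFFFFxx and overwrites the
                 * bytes already shifted into this word with 0xFF */
                tmp |= (BF_word)(int)(signed char)*ptr;
            else
                tmp |= (unsigned char)*ptr;
            if (!*ptr) ptr = key; else ptr++;
        }
        out[i] = tmp;
    }
}

/* Number of the 18 key words that differ between the two readings;
 * 0 for a pure-ASCII key, because sign extension never triggers. */
static int differing_words(const char *key)
{
    BF_word good[18], bad[18];
    int n = 0;
    expand_key(key, good, 0);
    expand_key(key, bad, 1);
    for (int i = 0; i < 18; i++)
        if (good[i] != bad[i]) n++;
    return n;
}

/* First key word under the chosen reading, for inspection. */
static BF_word first_word(const char *key, int buggy)
{
    BF_word w[18];
    expand_key(key, w, buggy);
    return w[0];
}

int main(void)
{
    /* constructed samples: an ASCII-only key and one ending in byte 0xE4 */
    const char *keys[] = { "ab", "ab\xe4" };
    for (int k = 0; k < 2; k++) {
        printf("key %d: word0 correct=%08x buggy=%08x, %d/18 words differ\n",
               k, (unsigned)first_word(keys[k], 0),
               (unsigned)first_word(keys[k], 1), differing_words(keys[k]));
    }
    return 0;
}
```

For the ASCII-only key both readings agree on every word; for the key containing 0xE4 every word differs, because the key cycles every four bytes and the high byte lands in each word. A verifier that only sees the `$2a$` prefix therefore has to be told, out of band, which reading the hash was made with.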