Date: Tue, 16 Sep 2014 18:53:53 +0000 From: Héctor Luis Gimbatti <hlg@...le.com.ar> To: "crypt-dev@...ts.openwall.com" <crypt-dev@...ts.openwall.com> Subject: Bcrypt in linux Greetings, The current implementation of bcrypt found in OpenBSD (specifically /usr/src/lib/libc/crypto ) make use of arc4random "device" to generate the ''salt''. I made some modifications in order to compile the code in linux so I can maintain a database in *nix of passwords for some program. Actually the code is very simple and thee modifications done to OBSD's bcrypt are trivial: 1. hardened BCRYPT_MAXSALT to 32, and BCRYPT_MINLOGROUNDS to 8. (the latter can be modified in runtime whereas the first is constant, but can be easily modified). 2. Instead of using arc4random_buf to compute the salt, I use RAND_seed and RAND_bytes which are included in openssl (-lcrypto) What can be done, as I've done for this specific code, is to change the constants (currently the hex representation of pi digits) used to initialize P and S boxes to some other constants (cuberoot(prime(i)) , sqrt(prime(i)), etc) in order to produce unique crypto for an specific application or device. If this is somehow useful for a project I can share the code Cheers
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.