Date: Sat, 9 Feb 2013 04:53:44 +0400 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: sha512crypt formats matching salt detection bug On Fri, Feb 08, 2013 at 10:50:17PM -0200, Claudio Andr? wrote: > Is there a minimun number of rounds? I mean, is 999 the mininum rounds > allowed by some spec? 1000 is the minimum per Ulrich's original spec (SHA-crypt.txt and reference implementations of sha512crypt and sha256crypt). However, apparently IBM deviated from that. Apparently, it's a minimum of 16 there. We should support any number of rounds, starting with 1. Anyhow, the bug that I reported has nothing to do with specific round counts. It's about including the round counts in "salts". Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.