Date: Fri, 10 Aug 2012 01:44:31 +0400
From: Solar Designer <solar@...nwall.com>
To: musl@...ts.openwall.com
Subject: Re: crypt* files in crypt directory

On Thu, Aug 09, 2012 at 05:17:36PM -0400, Rich Felker wrote:
> After some casual tests, I would say somewhere around 16 is
> appropriate as the absolute upper cut-off, and 12-14 is probably the
> "point a good bit lower" we're aiming for. Anyone else have opinions
> on this? Information on what's in common use in the wild? (I would
> guess 4-8 is typical in the wild..)

4-12 exist in the wild for password authentication; larger values are
sometimes seen for other uses (you may choose not to support such uses).

I think the defaults are as follows:

Solaris - $2a$04 once bcrypt is enabled (it is not by default)
CommuniGate Pro - $2a$05, ditto
OpenBSD - $2a$08 for root, $2a$06 for non-root
Owl - $2y$08 for all by default
openSUSE - $2y$10 for all by default

Google web searches also find numerous instances of $2a$12, albeit
mostly in discussions on use of bcrypt from scripts and such.

An example use other than password authentication:

http://crypto.stackexchange.com/questions/1765/can-i-construct-a-zero-knowledge-proof-that-i-solved-a-project-euler-problem

This has $2a$16 and $2a$20 samples.

The paper and slides on scrypt compare it against bcrypt at up to $2a$16
("tuned for file encryption").

Alexander
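
An added example, not part of the original message and not musl or crypt_blowfish code: one way a crypt() caller or implementation could read the cost field from a `$2a$NN$` setting and refuse values above a cut-off before doing any hashing work. The names `bcrypt_setting_cost`, `bcrypt_rounds` and `POLICY_MAX_COST` are hypothetical, the cap of 16 is the upper cut-off floated in the quoted text, and the sample strings are constructed from the cost values listed above.

```c
#include <stdio.h>

#define POLICY_MAX_COST 16  /* assumed cap: the "absolute upper cut-off" floated in the thread */

enum { COST_OK = 0, COST_MALFORMED = -1, COST_OUT_OF_RANGE = -2, COST_OVER_POLICY = -3 };

static int is_digit(char ch) { return ch >= '0' && ch <= '9'; }

/* Parse the "$2?$NN$" prefix of a bcrypt setting or hash string.
 * The && chain stops at the first mismatch, so a short string is
 * never read past its terminating NUL. */
int bcrypt_setting_cost(const char *s, int *cost)
{
    if (!s || !cost)
        return COST_MALFORMED;
    if (!(s[0] == '$' && s[1] == '2' &&
          (s[2] == 'a' || s[2] == 'b' || s[2] == 'x' || s[2] == 'y') &&
          s[3] == '$' && is_digit(s[4]) && is_digit(s[5]) && s[6] == '$'))
        return COST_MALFORMED;
    int c = (s[4] - '0') * 10 + (s[5] - '0');
    if (c < 4 || c > 31)            /* range the bcrypt format itself allows */
        return COST_OUT_OF_RANGE;
    *cost = c;                      /* reported even when policy rejects it */
    return c > POLICY_MAX_COST ? COST_OVER_POLICY : COST_OK;
}

/* bcrypt runs 2^cost iterations of its expensive key setup. */
unsigned long bcrypt_rounds(int cost) { return 1UL << cost; }

int main(void)
{
    /* Constructed samples using the cost values mentioned in the message. */
    const char *samples[] = { "$2a$04$", "$2a$05$", "$2a$06$", "$2y$08$",
                              "$2y$10$", "$2a$12$", "$2a$16$", "$2a$20$" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        int cost = 0;
        int rc = bcrypt_setting_cost(samples[i], &cost);
        if (rc == COST_OK || rc == COST_OVER_POLICY)
            printf("%s cost=%d rounds=%lu %s\n", samples[i], cost,
                   bcrypt_rounds(cost), rc == COST_OK ? "accept" : "reject");
        else
            printf("%s invalid (%d)\n", samples[i], rc);
    }
    return 0;
}
```

Each step in cost doubles the work, so `$2a$20` costs 16 times as much as `$2a$16` and 4096 times as much as `$2y$08`.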
