Date: Thu, 9 Aug 2012 18:08:25 -0400
From: Rich Felker <>
Subject: Re: crypt* files in crypt directory

On Fri, Aug 10, 2012 at 01:44:31AM +0400, Solar Designer wrote:
> On Thu, Aug 09, 2012 at 05:17:36PM -0400, Rich Felker wrote:
> > After some casual tests, I would say somewhere around 16 is
> > appropriate as the absolute upper cut-off, and 12-14 is probably the
> > "point a good bit lower" we're aiming for. Anyone else have opinions
> > on this? Information on what's in common use in the wild? (I would
> > guess 4-8 is typical in the wild..)
> 4-12 exist in the wild for password authentication, larger values are
> sometimes seen for other uses (you may choose not to support such uses).

Then 12 is probably not a good cut-off, which is frustrating because
12 is getting to the point where it's unreasonable load on a mid-range
system (takes ½ sec on my Atom).

> I think the defaults are as follows:
> Solaris - $2a$04 once bcrypt is enabled (it is not by default)
> CommuniGate Pro - $2a$05, ditto
> OpenBSD - $2a$08 for root, $2a$06 for non-root
> Owl - $2y$08 for all by default
> openSUSE - $2y$10 for all by default

Thanks, very informative.

> An example use other than password authentication:
> This has $2a$16 and $2a$20 samples.
> The paper and slides on scrypt compare it against bcrypt at up to $2a$16
> ("tuned for file encryption").

I think this potentially needs to be something we just don't support.
I can see the interest in being able to use crypt as a general purpose
hashing API, but I think I'd have a hard time convincing myself to
prioritize that over ensuring bounded runtime.
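Added example, not code from this thread or from musl: a checker that parses the cost field of a bcrypt setting string and applies an upper cut-off so that crypt() runtime stays bounded. The cut-off of 16, the accepted $2a$/$2b$/$2x$/$2y$ prefixes, and the "0.5 s at cost 12" reference point are illustrative assumptions; the last one is just the Atom figure quoted above, used to scale estimates by the factor-of-two-per-cost-step property of bcrypt.

```c
#include <stdio.h>
#include <string.h>

/* Assumed policy bound for illustration: the thread floats ~16 as an
 * absolute upper cut-off and 12-14 as the preferred lower one. */
#define BCRYPT_COST_MAX 16

/* Parse the cost field of a bcrypt setting such as "$2y$08$...".
 * Returns the cost (4..31) on success, or -1 if the prefix or cost
 * field is malformed. Accepts the $2a$, $2b$, $2x$ and $2y$ variants. */
int bcrypt_setting_cost(const char *setting)
{
    if (!setting || setting[0] != '$' || setting[1] != '2') return -1;
    char v = setting[2];
    if (v != 'a' && v != 'b' && v != 'x' && v != 'y') return -1;
    if (setting[3] != '$') return -1;
    /* cost must be exactly two ASCII digits followed by '$' */
    if (setting[4] < '0' || setting[4] > '9') return -1;
    if (setting[5] < '0' || setting[5] > '9') return -1;
    if (setting[6] != '$') return -1;
    int cost = (setting[4] - '0') * 10 + (setting[5] - '0');
    if (cost < 4 || cost > 31) return -1;
    return cost;
}

/* Policy check: 1 if the setting is well-formed and its cost does not
 * exceed max_cost, else 0 (a bounded-runtime crypt() would refuse it). */
int bcrypt_setting_acceptable(const char *setting, int max_cost)
{
    int cost = bcrypt_setting_cost(setting);
    return cost >= 0 && cost <= max_cost;
}

/* Rough runtime estimate: bcrypt work doubles per cost step, so scale a
 * measured reference (ref_cost, ref_seconds) up or down by powers of two. */
double bcrypt_estimated_seconds(int cost, int ref_cost, double ref_seconds)
{
    if (cost < ref_cost) return ref_seconds / (double)(1u << (ref_cost - cost));
    return ref_seconds * (double)(1u << (cost - ref_cost));
}

int main(void)
{
    /* constructed sample settings covering the values named in the thread */
    const char *samples[] = { "$2a$04$", "$2y$08$", "$2a$16$", "$2a$20$", "$2a$4$" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        int c = bcrypt_setting_cost(samples[i]);
        printf("%-8s cost=%2d accept=%d est=%.3fs\n", samples[i], c,
               bcrypt_setting_acceptable(samples[i], BCRYPT_COST_MAX),
               c < 0 ? 0.0 : bcrypt_estimated_seconds(c, 12, 0.5));
    }
    return 0;
}
```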
