Date: Sun, 19 Aug 2012 13:49:14 +0200 From: Szabolcs Nagy <nsz@...t70.net> To: musl@...ts.openwall.com Subject: Re: Help-wanted tasks for musl * Rich Felker <dalias@...ifal.cx> [2012-08-19 00:26:11 -0400]: > Preparing MD5 and SHA crypt for integration > > See the threads on the list. Basically we need source with appropriate > license status (MIT/BSD/permissive or public domain) that's optimized > for size. > i'm looking into this fun fact: the sha based crypt (the modern one designed in 2007, but it follows the old weird md5 crypt algo) has limits on the rounds but no mention of limits on keys http://www.akkadia.org/drepper/SHA-crypt.txt eventhough step 11. is O(keylen * log(keylen)) step 14. is O(keylen^2) (!) step 16. the reference implementation uses alloca(keylen) (!!) step 21. is O(keylen * rounds) (md5 crypt is O(keylen) with fixed iteration count) and there are alignment optimizations in the reference implementation.. i guess that's some bad joke
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.