Re: Feature Proposal: 'rounds' tuneables for crypt() algorithms

From: John-Mark Gurney <jmg_at_funkthat.com>
Date: Thu, 27 Feb 2014 17:47:34 -0800
Allan Jude wrote this message on Thu, Feb 27, 2014 at 20:28 -0500:
> Currently, you can change the password hashing algorithm used by crypt()
> with the passwd_format in /etc/login.conf
> 
> However, as far as I could find, you cannot change the number of
> 'rounds', the dynamic adjustment factor using in bcrypt, and
> sha256crypt, and sha512crypt.
> 
> bcrypt uses a log number, the default is 4 (so 2^4 rounds). The minimum
> is currently 4, and the maximum 31
> 
> sha256 and sha512crypt default to 5000, with a minimum of 1000 and a
> maximum of 999999999
> 
> OpenBSD implements this in login.conf with 'localcipher' similar to our
> 'passwd_format', except it takes an optional 2nd parameter, the number
> of log2() rounds.
> 
> Arch implements this in pam_unix with rounds=
> 
> For compatibility, it might make most sense to use a separate variable
> rather than adding the optional parameter to the existing passwd_format,
> so older boxes do not choke on it.
> 
> Thoughts?

There is already a patch out there to do this..  It basicly adds a string
to login.conf that is the first part of the crypt that you want to
use which will provide the number of rounds too...  I think it was
posted to -current...

I've been meaning to look at adding it...  The reason I'm interested
in doing this is so that we can configure the number of rounds at boot
time...  Say always take 50ms to run the rounds or a minimum number of
rounds..  This way on faster boxes you get added security of extra


-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."
Received on Fri Feb 28 2014 - 00:47:40 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:47 UTC