1 |
On Mon, Jul 25, 2022 at 11:11 AM Marek Szuba <marecki@g.o> wrote: |
2 |
> |
3 |
> On 2022-07-25 15:35, Peter Stuge wrote: |
4 |
> |
5 |
> > Please only do that based on proven merit and nothing else. |
6 |
> |
7 |
> https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/ |
8 |
> , https://www.password-hashing.net/ , the fact we still us the default |
9 |
> number of rounds (i.e. 5000) with SHA512 which is *ridiculously* weak |
10 |
> for modern hardware, lack of Argon2 support in libxcrypt for the time |
11 |
> being due to upstream having decided to wait for an official RFC. You |
12 |
> can probably find more yourself if you look. |
13 |
|
14 |
The fedora link in the original email details why they changed it. I |
15 |
don't think regurgitating the argument will add to it. By all means |
16 |
point out if there is a concern with their reasoning though. |
17 |
|
18 |
My initial question was whether this was some vanity hash change but |
19 |
the changes are intended to greatly increase the cost of cracking |
20 |
attacks. I'm in no position to evaluate their merit but their |
21 |
proposal contains various citations to people who presumably are. |
22 |
|
23 |
-- |
24 |
Rich |