Re: Encoding passwords - Mailing list pgsql-general

From Bruce Momjian
Subject Re: Encoding passwords
Date
Msg-id 200109281530.f8SFUJa25474@candle.pha.pa.us
In response to Encoding passwords  ("Mike Arace" <mikearace@hotmail.com>)
List pgsql-general
> >OK, I have applied the following patch to the MD5 code that puts the
> >salt at the end.  We can't change the crypt() stuff because that is
> >being used in older releases.
>
> I think it needs further confirmation, because what I said was from memory
> - I still can't find the source- so take what I said with a pinch of erm
> MSG. I'd personally go with the XOR rather than concat. And I'd use a
> random salt rather than a predictable salt.
>
> But I emphasize again that I believe this is actually a small issue,  and
> that leaving the salt in front won't really weaken things much looking at
> the big picture. Because nowadays computers are so fast and cheap, cracking
> the passwords usually boils down to whether the password is weak or not,
> and usually the passwords picked are weak, a week at most to crack :). You
> use salts just to _discourage_ attackers from precomputing. A skilled and
> determined attacker who knows how to exploit any hash-salt weakness will
> find it easier to crack the whole blooming computer open and get root.

It was easy to throw the salt on the end, and XOR is easy too.  Can
someone else comment on this?

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
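As an added illustration (example code, not PostgreSQL's own code and not from anyone in this thread), the three salt placements discussed above side by side, with a check showing why a predictable salt matters: two users who choose the same password get the same digest under a fixed salt and unrelated digests under random per-user salts. The usernames, the password and the fixed salt `b"pg"` are constructed sample values.

```python
import hashlib
import secrets


def salted_md5(password: bytes, salt: bytes, mode: str) -> str:
    """Digest a password with a salt using one of the placements the thread
    discusses: salt before the password, salt after it, or salt XORed in.
    MD5 appears only because the thread concerns the MD5 code path."""
    if mode == "prepend":
        data = salt + password
    elif mode == "append":
        data = password + salt
    elif mode == "xor":
        if not salt:
            raise ValueError("xor mode needs a non-empty salt")
        # Cycle the salt over the password bytes; a salt longer than the
        # password contributes only its first len(password) bytes.
        data = bytes(p ^ salt[i % len(salt)] for i, p in enumerate(password))
    else:
        raise ValueError(f"unknown mode: {mode!r}")
    return hashlib.md5(data).hexdigest()


def random_salt(nbytes: int = 8) -> bytes:
    """Unpredictable per-user salt, the alternative to a predictable one."""
    return secrets.token_bytes(nbytes)


def duplicate_digests(records) -> set:
    """records: iterable of (user, digest). Returns the users whose digest is
    shared with another user. With a constant or predictable salt, two users
    choosing the same password are exposed by a plain equality check; with
    random per-user salts the same password produces unrelated digests."""
    by_digest = {}
    for user, digest in records:
        by_digest.setdefault(digest, []).append(user)
    return {u for users in by_digest.values() if len(users) > 1 for u in users}


def demo(mode: str = "append"):
    """Constructed sample: two users pick the same weak password."""
    users = {"alice": b"password", "bob": b"password"}
    fixed = [(u, salted_md5(pw, b"pg", mode)) for u, pw in users.items()]
    rand = [(u, salted_md5(pw, random_salt(), mode)) for u, pw in users.items()]
    return duplicate_digests(fixed), duplicate_digests(rand)


if __name__ == "__main__":
    print(demo())  # ({'alice', 'bob'}, set())
```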
