14th May 2009
s0xxx
New tool on the block - scrypt

In the context of hardware brute-force attacks, scrypt is thousands of times more secure than existing "best practice" solutions such as bcrypt and PBKDF2; in fact, under reasonable assumptions it is provably as strong as possible. In addition to the key derivation function itself, I have released a simple file encryption utility which is approximately 100 billion times more secure than openssl enc, due to OpenSSL using MD5 as a key derivation function.

Later in the comments Colin said:
Drepper's SHA crypt is actually weaker than bcrypt where hardware brute force attacks are concerned, since blowfish (and thus bcrypt) requires a larger die area than SHA256 or SHA512.

I'm planning on talking to Drepper about scrypt and investigating whether scrypt can be brought into linuxes and BSDs as a standard method for password hashing.
Colin Percival, Stronger Key Derivation via Sequential Memory-Hard Functions, presented at BSDCan'09, May 2009.
Conference presentation slides: PDF.
The best way to learn UNIX is to play with it, and the harder you play, the more you learn.
If you play hard enough, you'll break something for sure, and having to fix a badly broken system is arguably the fastest way of all to learn. -Michael Lucas, AbsoluteBSD
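
Added example, not part of the original post and not code from scrypt or OpenSSL: a side-by-side of what one password guess costs under an MD5-based derivation and under scrypt, which is the gap the quoted announcement is about. Assumptions: the MD5 scheme is modelled as a single-pass EVP_BytesToKey-style construction, the scrypt parameters (N=2^14, r=8, p=1) and the salt are illustrative, and Python's hashlib is built against an OpenSSL that provides scrypt.

```python
import hashlib
import time

SALT = b"\x01\x23\x45\x67\x89\xab\xcd\xef"  # constructed 8-byte sample salt


def evp_bytes_to_key_md5(password, salt, key_len=32, iv_len=16):
    """Assumed legacy scheme: D_i = MD5(D_{i-1} || password || salt), one pass."""
    material, block = b"", b""
    while len(material) < key_len + iv_len:
        block = hashlib.md5(block + password + salt).digest()
        material += block
    return material[:key_len], material[key_len:key_len + iv_len]


def scrypt_memory_bytes(n, r):
    """Size of the large array scrypt fills and then reads back: 128 * N * r bytes."""
    return 128 * n * r


def scrypt_key(password, salt, n=2**14, r=8, p=1, dklen=32):
    """Derive a key with scrypt; n, r and p are illustrative, not from the post."""
    limit = 2 * scrypt_memory_bytes(n, r) + 2**20  # headroom above the working set
    return hashlib.scrypt(password, salt=salt, n=n, r=r, p=p,
                          maxmem=limit, dklen=dklen)


def seconds_per_derivation(derive, trials):
    """Average wall-clock cost of one derivation, i.e. of one password guess."""
    start = time.perf_counter()
    for i in range(trials):
        derive(b"candidate-%d" % i, SALT)
    return (time.perf_counter() - start) / trials


if __name__ == "__main__":
    md5_cost = seconds_per_derivation(evp_bytes_to_key_md5, 20000)
    scrypt_cost = seconds_per_derivation(scrypt_key, 5)
    print("MD5-based derivation: %.2e s per guess, a few hundred bytes of state" % md5_cost)
    print("scrypt derivation:    %.2e s per guess, %d MiB of RAM"
          % (scrypt_cost, scrypt_memory_bytes(2**14, 8) // 2**20))
    print("time ratio on this CPU: about %dx" % (scrypt_cost / md5_cost))
```

The time ratio printed is for a general-purpose CPU only; the hardware argument in the quote rests on the memory column, since each parallel guess needs its own copy of that array.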