User: Password:
|
|
Subscribe / Log in / New account

A hole in crypt_blowfish

A hole in crypt_blowfish

Posted Jun 22, 2011 21:07 UTC (Wed) by jonabbey (guest, #2736)
Parent article: A hole in crypt_blowfish

It appears that a very similar bug was discovered in mindrot.org's Java implementation of the BCrypt hash algorithm early last year..

http://www.mindrot.org/files/jBCrypt/internat.adv


(Log in to post comments)

A hole in crypt_blowfish

Posted Jun 22, 2011 21:17 UTC (Wed) by jonabbey (guest, #2736) [Link]

Er, scratch that. In the Java lib case, it had to do with their not specifying the use of the UTF-8 charset when doing encoding. Not the same sign extension bug at all, though it also affected international characters.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds