User: Password:
|
|
Subscribe / Log in / New account

A hole in crypt_blowfish

A hole in crypt_blowfish

Posted Jun 23, 2011 23:44 UTC (Thu) by dlang (subscriber, #313)
In reply to: A hole in crypt_blowfish by solardiz
Parent article: A hole in crypt_blowfish

any hash can have alternate inputs that produce the same output (and if the input is larger than the output, that is guaranteed to take place)

the fact that there are alternate inputs isn't the problem.

a hash is only considered broken if you can predict what inputs will produce a particular output.

In this case, that is exactly what happens, this bug means that someone can test far fewer inputs when trying to find one that matches the output, because you can predict that a large number of inputs will all produce the same output, and therefor only test one of them.


(Log in to post comments)

A hole in crypt_blowfish

Posted Jun 24, 2011 0:08 UTC (Fri) by solardiz (subscriber, #35993) [Link]

Indeed. However, I was commenting on the specific issue brought up earlier in the comment thread - namely, that not only is it practical to find colliding inputs for the broken hash, but also it is practical to find inputs to the correct(ed) hash that match those of the broken hash. Thus, some post-upgrade safety measures may be desired, such as treating passwords with '\xff' chars specially.

A hole in crypt_blowfish

Posted Jun 26, 2011 11:28 UTC (Sun) by job (guest, #670) [Link]

Thanks for the clarification.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds