Blowfish encryption for local passwords
Thomas M Steenholdt
tmus at tmus.dk
Mon Dec 4 09:54:47 UTC 2006
Matthew Miller wrote:
> On Sun, Dec 03, 2006 at 10:03:24PM +0100, Thomas M Steenholdt wrote:
>> From my understanding, Blowfish provides encryption far superior to
>> even MD5 and there should no license problems.
>
> Isn't this apples and oranges?
>
Not really.
We want to be able to encrypt our local passwords in a way that is
impossible to crack and take the longest to brute force. Blowfish seems
to be the winner here (from what I know, at least).
Performance table, grabbed from bz#173002, comment#2:
--- snip ---
http://www.usenix.org/publications/login/2004-06/pdfs/alexander.pdf
Particularly noticeable is the below benchmark table, running "John the
ripper"
on a P4 2.4GHz with 512M of RAM. Slower is better!
---------------------------------------------------
| Unix crypt () | 249467 hashes/second |
| BSDI DES (x725) | 9618 hashes/second |
| FreeBSD MD5 | 4452 hashes/second |
| OpenBSD Blowfish | 335 hashes/second |
| Kerberos AFS DES (short) | 244907 hashes/second |
| Kerberos AFS DES (long) | 435745 hashes/second |
| Windows NT LanMan DES | 628234 hashes/second |
---------------------------------------------------
--- snip ---
/Thomas
More information about the fedora-devel-list
mailing list