version 1.531, 2006/07/20 03:12:01 |
version 1.532, 2006/07/27 03:34:04 |
|
|
<h2>April, 2006</h2> |
<h2>April, 2006</h2> |
<ul> |
<ul> |
<li><font color="#009000"><strong> |
<li><font color="#009000"><strong> |
|
<a href="http://www.dribin.org/dave/blog/archives/2006/04/28/os_x_passwords_2/"> |
|
Mac OS X Password Implementation Compared to OpenBSD's</a>, April 28, 2006 |
|
</strong></font><br> |
|
Dave Dribin analyzes Mac OS X's password implementation |
|
and compares it with OpenBSD's: |
|
"The king of the hill has to go to OpenBSD, |
|
which uses a hash based on the Blowfish block cipher called bcrypt. |
|
The benefit of [bcrypt] is best stated on their website: |
|
<blockquote> |
|
The most important property of bcrypt (and thus crypt_blowfish) |
|
is that it is adaptable to future processor performance improvements, |
|
allowing you to arbitrarily increase the processing cost of checking a |
|
password while still maintaining compatibility with your older password hashes. |
|
Already now bcrypt hashes you would use are several orders of magnitude |
|
stronger than traditional Unix DES-based or FreeBSD-style MD5-based hashes. |
|
</blockquote> |
|
This is just plain cool." |
|
<p> |
|
|
|
<li><font color="#009000"><strong> |
<a href="http://www.onlamp.com/lpt/a/6557"> |
<a href="http://www.onlamp.com/lpt/a/6557"> |
OpenBSD 3.9: Blob-Busters Interviewed</a>, OnLAMP, April 27, 2006 |
OpenBSD 3.9: Blob-Busters Interviewed</a>, OnLAMP, April 27, 2006 |
</strong></font><br> |
</strong></font><br> |