Re: [uCsimm] tinylogin

From: Colin Plumb (
Date: Tue Mar 07 2000 - 16:47:42 EST

If you're looking at alternative password hashing algorithms,
I'd go with TEA. This is called "Tiny Encryption Algorithm" for
very good reason.

I'd also recommend a bigger salt than Unix normally uses,
and an iteration count, so you're not stuck with the normal
Unix login count of 25.

Source code for TEA (including 68K asm) can be found at

Oh, it helps to know the Davies-Meyer construction
for cryptographic hashes. You basically do

hash(key_block *input, size_t inputlen)
        cipher_block result = FIXED_IV_VALUE;
        key_block key;

        while (inputlen--) {
                key = *input++;
                result ^= ENCRYPT(result, key);
        return output;

If you look at MD5, it's basically this, with a special cipher
with a 128-bit block size and a 512-bit key size. You can just
use TEA with a 64-bit block size and a 128-bit key size.

This message resent by the list server

This archive was generated by hypermail 2b30 : Sun Apr 07 2002 - 00:01:34 EST