Re: [uCsimm] tinylogin

From: Colin Plumb (colin@pgp.com)
Date: Tue Mar 07 2000 - 16:47:42 EST


If you're looking at alternative password hashing algorithms,
I'd go with TEA. This is called "Tiny Encryption Algorithm" for
very good reason.

I'd also recommend a bigger salt than Unix normally uses,
and an iteration count, so you're not stuck with the normal
Unix login count of 25.

Source code for TEA (including 68K asm) can be found at
http://vader.brad.ac.uk/tea/source.shtml

Oh, it helps to know the Davies-Meyer construction
for cryptographic hashes. You basically do

cipher_block
hash(key_block *input, size_t inputlen)
{
        cipher_block result = FIXED_IV_VALUE;
        key_block key;

        while (inputlen--) {
                key = *input++;
                result ^= ENCRYPT(result, key);
        }
        return output;
}

If you look at MD5, it's basically this, with a special cipher
with a 128-bit block size and a 512-bit key size. You can just
use TEA with a 64-bit block size and a 128-bit key size.

-- 
	-Colin
This message resent by the ucsimm@uclinux.com list server http://www.uClinux.com/



This archive was generated by hypermail 2b30 : Sun Apr 07 2002 - 00:01:34 EST