> Hi,
>
> I want to close #48241 [0] as "wontfix". I do not believe that it's
> appropriate to provide SHA3 as a password hashing algorithm.
>
> The SHA3 algorithm is designed to be fast, and cryptographically secure.
> It's target usage is for signatures and verification of these in a rapid
> manner.
>
> The fact that this algorithm is fast, and could be implemented in
> hardware is the reason it's not appropriate for password hashing.
> Passwords should be hashed with a slow algorithm, and in the future, an
> algorithm that is CPU and memory hard. This means that in the (hopefully
> unlikely) case of password hash leak or dump from ldap that the attacker
> must spend a huge amount of resources to brute force or attack any
> password that we are storing in the system.
If the crypto/security team is ok with not supporting SHA3 for
passwords, works for me.
>
> As a result, I would like to make this ticket "wontfix" with an
> explanation of why. I think it's better for us to pursue #397 [1].
> PBKDF2 is a CPU hard algorithm, and scrypt is both CPU and Memory hard.
> These are the direction we should be going (asap).
>
> Thanks,
>
>
> [0] https://fedorahosted.org/389/ticket/48241
> [1] https://fedorahosted.org/389/ticket/397
>
>
>
> _______________________________________________
> 389-devel mailing list -- 389-devel@lists.fedoraproject.org
> To unsubscribe send an email to 389-devel-leave@lists.fedoraproject.org
_______________________________________________
389-devel mailing list -- 389-devel@lists.fedoraproject.org
To unsubscribe send an email to 389-devel-leave@lists.fedoraproject.org
No comments:
Post a Comment