excessive SHA1 calls

Stefan (metze) Metzmacher metze at samba.org
Fri Nov 25 10:30:45 GMT 2005

Love Hörnquist Åstrand wrote:
> The s2k(password,enctype) has the same property as the ntlm hash, it's a
> password equivalent. One reason the function is so slow and tunably slow is
> to make dictionary attacks very expensive. So storing the
> s2k(password,enctype) just next to the password is fine.

Is it correct that the client calls s2k() at kinit time?
How would that prevent dictionary attacks when the client can just use a
tuned version?


Stefan Metzmacher <metze at samba.org> www.samba.org
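
As an added illustration of the "slow and tunably slow" property discussed above (not code from this thread, Samba or Heimdal): the sketch below models only the PBKDF2-HMAC-SHA1 step of the AES string-to-key in RFC 3962, leaving out the final key-derivation step. It counts the HMAC-SHA1 calls one derivation costs and shows that the iteration count is an input to the key, so a different count yields a different key. The passphrase, salt and function names are constructed for the example.

```python
import hashlib
import hmac
import struct

HLEN = 20  # SHA-1 digest size in bytes


def pbkdf2_sha1_counted(password: bytes, salt: bytes, iterations: int, dklen: int):
    """PBKDF2-HMAC-SHA1 (RFC 2898); returns (key, number of HMAC-SHA1 calls)."""
    calls = 0
    out = b""
    blocks = -(-dklen // HLEN)  # ceil(dklen / HLEN)
    for i in range(1, blocks + 1):
        # U_1 = PRF(password, salt || INT(i))
        u = hmac.new(password, salt + struct.pack(">I", i), hashlib.sha1).digest()
        calls += 1
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            # U_n = PRF(password, U_{n-1}); the block is the XOR of all U_n
            u = hmac.new(password, u, hashlib.sha1).digest()
            calls += 1
            t ^= int.from_bytes(u, "big")
        out += t.to_bytes(HLEN, "big")
    return out[:dklen], calls


# Constructed sample input: passphrase and realm+principal salt are made up.
PASSWORD = b"constructed-passphrase"
SALT = b"EXAMPLE.ORGalice"
DEFAULT_ITERATIONS = 4096  # RFC 3962 default when no s2k parameter is given


def compare_iteration_counts(tuned: int = 1):
    """Derive a 128-bit key with the default count and with a 'tuned' count."""
    key_default, cost_default = pbkdf2_sha1_counted(PASSWORD, SALT, DEFAULT_ITERATIONS, 16)
    key_tuned, cost_tuned = pbkdf2_sha1_counted(PASSWORD, SALT, tuned, 16)
    return {
        "cost_default": cost_default,        # HMAC calls per derivation
        "cost_tuned": cost_tuned,
        "same_key": hmac.compare_digest(key_default, key_tuned),
    }


if __name__ == "__main__":
    print(compare_iteration_counts())
    # A 256-bit key needs two PBKDF2 blocks, doubling the HMAC calls.
    print(pbkdf2_sha1_counted(PASSWORD, SALT, DEFAULT_ITERATIONS, 32)[1])
```

The cost is paid per derivation by whoever computes it, and a key derived with a lower count does not equal the key derived with the count the stored key was made with.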
