excessive SHA1 calls

Love Hörnquist Åstrand lha at samba.org
Fri Nov 25 11:26:09 GMT 2005

"Stefan (metze) Metzmacher" <metze at samba.org> writes:

> Love Hörnquist Åstrand schrieb:
>> The s2k(password,enctype) have the same property as the htlm hash, its a
>> password equvalent. One reason the function is so slow and tunable slow is
>> to make dictionary attacks very expensive. So storing the
>> s2k(password,enctype) just next to the password is fine.
> is it correct that the client calls s2k() at kinit time?
> how would that prevent from dictionary attacks when the client can just use a
> tunned version?

Because you tune the s2k over time, and tuneing can be done each time a
user change their password. Today the factor is 4k, in 18month you can make
that 8k and it will still take 0.4s per password.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 477 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20051125/aac94df9/attachment.bin

More information about the samba-technical mailing list