Password hashing weakness in DF
Aggelos Economopoulos
aoiko at cc.ece.ntua.gr
Tue Jan 17 14:50:05 PST 2012
On 01/17/2012 10:12 AM, Matthias Schmidt wrote:
> He guys,
>
> I want to bring the following discussion on the oss-security list to
> your attention:
>
> http://www.openwall.com/lists/oss-security/2012/01/16/2
>
> This post and previous posts contain all known details. It seems Solar
> contacted Matt before, but unfortunately he does not responded (or at
> least not on the list, I'm subscribed).
Ugh. This is bad and, even worse, it's not immediatelly obvious how to
fix it w/o breaking any systems using this implementation.
Thanks for publicizing this Matthias!
Aggelos
More information about the Users
mailing list