This is the mail archive of the libc-hacker@cygnus.com mailing list for the glibc project.



Re: 2.2 projects


On Sat, 30 Jan 1999 15:41:28 +1100, Geoff Keating wrote:
>> Date: Thu, 28 Jan 1999 11:15:50 -0500
>> From: Zack Weinberg <zack@rabi.columbia.edu>
>> 
>> - OpenBSD extended crypt() [need non-US hacker]
>
>This is the Blowfish '$2a$' crypt prefix, isn't it?
>
>I don't really want to put that in, because it isn't exportable and we
>already have an MD5-based crypt that is secure and exportable.  I guess
>you could add a SHA-based crypt if you wanted an alternative to
>MD5---it might be helpful to US government people who need to use
>an approved algorithm.

I don't actually know how the OpenBSD stuff works.  I was thinking
that the DES-based crypt() has some limitations that can be obnoxious
from a sysadmin's point of view - e.g. 8 char cleartext limit - and
that it's an old clunky algorithm that can be brute-forced these
days.  OpenBSD is usually the place to look for security innovations,
so...

Another thing.  I've seen it asserted that crypt() is exportable since
it can only be used for authentication - e.g. Sun ships the same libc
in domestic and exported Solaris.  Could we get away with that
argument?  Has anyone gotten a hard legal opinion?

>The other possible extension is a cryptographic random number
>generator, for generating salts (and suchlike), along the lines of
>OpenBSD's arc4random.  It would read /dev/urandom (and fail if it
>doesn't exist?  or try something else?).  It would be exportable since
>it isn't cryptography.

This is interesting.  It might fit into the random-number-generator
library I had a prototype for a while back.
rabi.phys.columbia.edu:/pub/zack/random-0.1.tar.gz if you want to look
at it.

zw
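
The salt generator discussed in the quoted text, sketched as an added example that is not part of the original message or of glibc: it reads /dev/urandom, fails closed when the device is missing or short rather than trying something else, and builds a salt for the MD5-based crypt ("$1$" prefix, 8 characters). The names read_random and make_md5_salt are hypothetical.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* crypt(3) salt alphabet: 64 characters, so 6 bits per character. */
static const char SALT_CHARS[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* Read exactly len bytes from path; 0 on success, -1 otherwise (no fallback). */
int read_random(const char *path, unsigned char *buf, size_t len)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;              /* device missing: fail, do not guess */
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0)
            got += (size_t)n;   /* short read: keep going */
        else if (n == 0 || errno != EINTR)
            break;              /* EOF or hard error; EINTR retries */
    }
    close(fd);
    return got == len ? 0 : -1;
}

/* Write "$1$" + 8 salt characters + "$" into out (needs 13 bytes). */
int make_md5_salt(const char *path, char *out, size_t outlen)
{
    unsigned char raw[8];
    if (outlen < 13 || read_random(path, raw, sizeof raw) != 0)
        return -1;
    memcpy(out, "$1$........$", 13);    /* template, NUL included */
    for (size_t i = 0; i < sizeof raw; i++)
        out[3 + i] = SALT_CHARS[raw[i] & 0x3f];  /* 256 % 64 == 0: no bias */
    return 0;
}

int main(void)
{
    char salt[13];
    if (make_md5_salt("/dev/urandom", salt, sizeof salt) != 0)
        return 1;               /* no random source: refuse to make a salt */
    puts(salt);
    return 0;
}
```

The resulting string is what a caller would pass as the second argument to crypt().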

