Use SHA-2 by default instead of MD5 for password encrypting

William Immendorf will.immendorf at gmail.com
Tue Dec 28 20:56:35 PST 2010


Let's face it: MD5, while it might be more than plain old DES, it is a
weak algorithm to encrypt your passwords with. To give you proof, in
2008, researchers demonstrated that MD5 is very weak to collision
attacks, and can create false data that appears to be trustworthy. For
proof:

http://www.kb.cert.org/vuls/id/836068

And the recommendation: Do not use MD5 for anything. This includes
certificates, passwords, and even for verifying files. So, this means
that it's time to switch to different algorithms.

The only two choices we have right now are Blowfish, and SHA-2 (256
and 512). Since using Blowfish requires modifications to Glibc and
Shadow, this means the easiest route to take would be to use SHA-2.

What this means for both LFS and BLFS is:

  * The Shadow instructions need to have the password encryption
changed from MD5 to SHA-512
  * The PAM configuration files also need MD5 converted to SHA-512
  * And all of the MD5 hashes for the packages need to be converted to
SHA-256 hashes.

The last one would require changes to all of the books in order to
work. But belive me, with the flaws that MD5 has, you probably want to
ditch it sooner or later.

As for which list this belongs on, I belive it belongs on all of the
-dev lists, but I'll first send it to the lfs-dev list.

-- 
William Immendorf
The ultimate in free computing.
Messages in plain text, please, no HTML.
GPG key ID: 1697BE98
If it's not signed, it's not from me.

--------------

"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman



More information about the lfs-dev mailing list