From: Roger
Date: Thu, 28 Jan 2010 16:24:43 -0500
To: freebsd-security@freebsd.org
Subject: Re: PHK's MD5 might not be slow enough anymore
Message-ID: <9d972bed1001281324r29b4b93bw9ec5bc522d0e2764@mail.gmail.com>
In-Reply-To: <20100128182413.GI892@noncombatant.org>
References: <20100128182413.GI892@noncombatant.org>

What would be the consequence of having an algorithm that will increase
the amount of time needed to check the next password after a failure?
In other words, check the first one fast, the second try will be slower,
then the third even slower, and then the fourth even slower, etc.
Is this how it is currently implemented? (Sorry, I did not read the code.)

-r