[Rt-commit] rt branch, 4.2/bcrypt-passwords, repushed

Alex Vandiver alexmv at bestpractical.com
Wed Sep 4 03:42:23 EDT 2013 

The branch 4.2/bcrypt-passwords was deleted and repushed:
       was a844c4315b5da45d80c6a0fb090f2d39536a1f6d
       now 501c2fb478991f85c0011052021e17b7c17b2c7b

1:  07ac7c5 ! 1:  b0e494c Switch to Blowfish-based bcrypt for password hashing
    @@ -18,16 +18,16 @@
         to mitigate these types of attacks.  For instance, on a development
         laptop:
         
    -                       Rate  bcrypt sha-512
    -            bcrypt   13.3/s      --   -100%
    -            sha-512 18183/s 136934%      --
    +                       Rate   bcrypt  sha-512
    +            bcrypt   3.34/s       --    -100%
    +            sha-512 36850/s 1102153%       --
         
    -    That is, bcrypt is three orders of magnitude slower to compute, thus
    +    That is, bcrypt is four orders of magnitude slower to compute, thus
         notably increasing the computational cost of brute-forcing passwords.
         bcrypt also includes a tuning parameter, the number of "rounds" to run,
         which allows the same algorithm to be increase the computational cost
         required as computers continue to grow faster.  We use the standard
    -    value of 8 here, but allow for higher values to be used later.
    +    value of 10 here, but allow for higher values to be used later.
     
     diff --git a/docs/UPGRADING-4.2 b/docs/UPGRADING-4.2
     --- a/docs/UPGRADING-4.2
    @@ -46,7 +46,7 @@
     +
      =back
      
    - =cut
    + =item *
     
     diff --git a/lib/RT/User.pm b/lib/RT/User.pm
     --- a/lib/RT/User.pm
    @@ -77,8 +77,8 @@
     +        # special bcrypt base64.
     +        $salt = Crypt::Eksblowfish::Bcrypt::de_base64( substr($rest[1], 0, 22) );
     +    } else {
    -+        # The current standard is 8 rounds
    -+        $rounds = 8;
    ++        # The current standard is 10 rounds
    ++        $rounds = 10;
     +
     +        # Generate a random 16-octet base64 salt
     +        $salt = "";
2:  a844c43 ! 2:  87cf33b SHA-512 passwords before passing to bcrypt for key derivation
    @@ -1,8 +1,8 @@
     Author: Alex Vandiver <alexmv at bestpractical.com>
     
    -    SHA-512 passwords before passing to brypt for key derivation
    +    SHA-512 passwords before passing to bcrypt for key derivation
         
    -    The bcrypt key derivation function only usese the first 72 bytes of the
    +    The bcrypt key derivation function only uses the first 72 bytes of the
         input; when used directly on a password, this effectively limits
         password length to 72 characters.
         
    @@ -22,3 +22,4 @@
      
          return join("!", "", "bcrypt", sprintf("%02d", $rounds),
                      Crypt::Eksblowfish::Bcrypt::en_base64( $salt ).
    +
-:  ------- > 3:  501c2fb Allow a tunable number of rounds for bcrypt key derivation

More information about the Rt-commit mailing list