On Mon, 2016-10-03 at 21:42 -0600, Rich Megginson wrote:
On 10/03/2016 09:34 PM, William Brown wrote:
> On Mon, 2016-10-03 at 21:26 -0600, Rich Megginson wrote:
>> On 10/03/2016 08:58 PM, William Brown wrote:
>>> Hi,
>>>
>>> I want to close #48241 [0] as "wontfix". I do not believe that it's
>>> appropriate to provide SHA3 as a password hashing algorithm.
>>>
>>> The SHA3 algorithm is designed to be fast, and cryptographically secure.
>>> Its target usage is for signatures and verification of these in a rapid
>>> manner.
>>>
>>> The fact that this algorithm is fast, and could be implemented in
>>> hardware is the reason it's not appropriate for password hashing.
>>> Passwords should be hashed with a slow algorithm, and in the future, an
>>> algorithm that is CPU and memory hard. This means that in the (hopefully
>>> unlikely) case of password hash leak or dump from ldap that the attacker
>>> must spend a huge amount of resources to brute force or attack any
>>> password that we are storing in the system.
>> If the crypto/security team is ok with not supporting SHA3 for
>> passwords, works for me.
> Who would be a point of contact to ask this?
Nikos Mavrogiannopoulos <nmavrogi(a)redhat.com>
The response I received was unanimous and against SHA3 for password
storage. I have closed the issue as a result, and will not pursue an
implementation of this.
--
Sincerely,
William Brown
Software Engineer
Red Hat, Brisbane
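The argument above (a fast hash lets an attacker who has dumped the password hashes test candidates at hardware speed, while a slow or memory-hard algorithm makes every guess expensive) is easy to see in numbers. The following is an added example, not code from the thread or from 389-ds: it runs the same offline dictionary attack against one leaked hash twice, once where the stored value is a bare SHA3-256 digest and once where it is PBKDF2-HMAC-SHA256 with a work factor, and reports the cost of each. The thread does not name a replacement algorithm; PBKDF2 and scrypt are chosen here only as readily available examples of a slow and a memory-hard scheme. The wordlist, the salt and the "leaked" password are constructed for the demonstration.

```python
"""Added example (not from the mailing-list thread or from 389-ds): why a fast
hash such as SHA3 is the wrong tool for stored passwords, and what a slow,
salted password hash buys. All inputs below are constructed for the demo.
"""
import hashlib
import hmac
import time
from typing import Optional

# Constructed sample inputs for the demonstration.
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
WORDLIST = [f"Password{i}".encode() for i in range(20)]
LEAKED_PASSWORD = WORDLIST[-1]  # worst case for the attacker: last guess
ITERATIONS = 100_000  # PBKDF2 work factor; raise it as hardware gets faster


def fast_hash(password: bytes, salt: bytes = b"") -> bytes:
    """SHA3-256 of the password: fast by design, so cheap to brute force."""
    return hashlib.sha3_256(salt + password).digest()


def slow_hash(password: bytes, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """PBKDF2-HMAC-SHA256: a deliberately slow, salted password hash.
    Every candidate costs the attacker `iterations` HMAC computations."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations)


def memory_hard_hash(password: bytes, salt: bytes) -> Optional[bytes]:
    """scrypt: CPU- and memory-hard (N=2**14, r=8 means roughly 16 MiB of
    working memory per hash), so a hardware or GPU attacker also pays for
    memory. Returns None when the underlying OpenSSL lacks scrypt."""
    if not hasattr(hashlib, "scrypt"):
        return None
    return hashlib.scrypt(password, salt=salt, n=2**14, r=8, p=1, dklen=32)


def verify(password: bytes, salt: bytes, stored: bytes, hash_fn) -> bool:
    """Verifier side: constant-time comparison so the check does not leak
    which bytes of the stored digest matched."""
    return hmac.compare_digest(hash_fn(password, salt), stored)


def dictionary_attack(stored: bytes, salt: bytes, wordlist, hash_fn):
    """Attacker side, after a leak or dump: try each candidate against the
    single stored hash. Returns (recovered_password_or_None, guesses, seconds)."""
    start = time.perf_counter()
    for guesses, candidate in enumerate(wordlist, start=1):
        if hash_fn(candidate, salt) == stored:
            return candidate, guesses, time.perf_counter() - start
    return None, len(wordlist), time.perf_counter() - start


def compare_attack_cost() -> dict:
    """Crack the same leaked password under both schemes and report the cost
    of each, so the slowdown factor the work factor buys is visible."""
    results = {}
    for name, fn in (("sha3", fast_hash), ("pbkdf2", slow_hash)):
        stored = fn(LEAKED_PASSWORD, SALT)
        recovered, guesses, seconds = dictionary_attack(stored, SALT, WORDLIST, fn)
        results[name] = {
            "recovered": recovered,
            "guesses": guesses,
            "seconds": seconds,
            "guesses_per_second": guesses / seconds if seconds else float("inf"),
        }
    return results


if __name__ == "__main__":
    r = compare_attack_cost()
    for name, info in r.items():
        print(f"{name:7s} recovered={info['recovered']!r} in {info['seconds']:.3f}s "
              f"({info['guesses_per_second']:,.0f} guesses/s)")
    print("slowdown factor:", r["pbkdf2"]["seconds"] / r["sha3"]["seconds"])
```

Both runs recover the password, because a dictionary attack does not care which hash is used; what changes is the price per guess. With 20 candidates the SHA3 run finishes in microseconds, while the PBKDF2 run takes on the order of a second, and that factor scales directly into the attacker's cost for every account in a dumped database. The scrypt variant is included to show the "CPU and memory hard" option the message refers to; it is guarded because not every OpenSSL build provides it.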