Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 28 Oct 2022 16:57:52 +0200
From: Solar Designer <>
Subject: Re: Improving security of old DES hashes with fixed salt with "yescrypt"

On Fri, Oct 28, 2022 at 04:25:31PM +0200, Matthias Apitz wrote:
> We run large databases wherein the user credentials of many thousands of
> users are crypt'ed with DES (Unix crypt(3) with fixed salt). To improve
> the security we implemented a hint "why not just re-encrypt the existing
> DES hash with yescrypt". This works fine in all our C-written
> application servers.

For others reading this, the mentioned hint was by me in a thread on
john-users, and I described the various aspects to be aware of here:

> I have implemented this now in all our C-written application
> servers. The clear "PIN" is hashed by:
>    hash = MakeCryptYescrypt(MakeCryptDes(PIN), NULL);
> and the hash is stored in the database row for the user.
> The check if the "PIN" is correct entered is made later on login with
> something like this:
>    if (strcmp(hash, MakeCryptYescrypt(MakeCryptDes(PIN), hash)) == 0) {
>       /* PIN is good */
>    }   
> This is all fine now.
> The last problem to solve is, that also some Java-written application is
> doing the same encryption and checks and I can't find any Java
> implementation of yescrypt. Before writing a NIF to a C-function, I
> wanted to ask the experts.

I'm not aware of an existing Java implementation/bindings of/for
yescrypt.  Writing your own bindings for your C function is probably the
way to go.

As a possible alternative (not necessarily the best one), you can call
the underlying system's crypt(3) from Java.  yescrypt is supported in
crypt(3) on recent Linux distributions that use recent libxcrypt.  It is
supported even by some distributions that don't or didn't yet use
yescrypt by default.  For example, on Ubuntu yescrypt is supported in
libxcrypt since 20.04, but is the default since 22.04.  This means that
on Ubuntu you can use yescrypt via crypt(3) starting with 20.04.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.