Correct crypt.5 terminology (issue #29)
Solar Designer points out that a phrase used to describe DES-crypt,
“Hash size 64 bits (effectively 56),” is misleading.  Revert to
separate “hash size” and “effective key size” table entries as is
used in the Openwall version of this manpage, but omit the “effective
key size” table entry if it would be the same number as “hash size.”
Correct the `.hash` line for yescrypt as discussed in the review of
pull request #27.

Also swap two of the entries in the list of attacks that salt defeats,
for better prose flow; reference RFC 4648 when talking about ‘the
common “base64” encoding’ that hashes don’t use; and tighten up the
implementation of the `.hash` macro.
zackw committed Sep 3, 2018
1 parent 8d8df22 commit 27a9721
Showing 1 changed file with 15 additions and 14 deletions.
29 changes: 15 additions & 14 deletions crypt.5
Expand Up @@ -44,13 +44,13 @@ and then test it against each account's stored hash;
the hash calculation must be repeated for each account.
.TP
2.
It is not possible to tell whether two accounts use the same passphrase
without successfully guessing one of the phrases.
.TP
3.
Tables of precalculated hashes of commonly used passphrases
must have an entry for each possible salt,
which makes them impractically large.
.TP
3.
It is not possible to tell whether two accounts use the same passphrase
without successfully guessing one of the phrases.
.PP
All of the hashing methods are also deliberately engineered to be slow;
they use many iterations of an underlying cryptographic primitive
Expand Down Expand Up @@ -103,10 +103,10 @@ is up to the hashing method.
\(oq\fB$\fR\(cq characters
usually delimit components,
and the salt and hash are usually encoded as numerals in base 64.
However, the details of the base-64 encoding vary among hashing
methods and are usually
The details of this base-64 encoding vary among hashing methods.
The common \(lqbase64\(rq encoding specified by RFC 4648 is usually
.I not
compatible with the common \(lqbase64\(rq encoding.
used.
.SH AVAILABLE HASHING METHODS
This is a list of
.I all
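Review bot: In the rewritten sentence that ends with `.I not` and `used.`, the page now says only that the RFC 4648 encoding is usually not used and no longer says that the two encodings are incompatible, which is the fact a reader needs when a salt or hash looks like base64 and they reach for a standard decoder. Suggest keeping the incompatibility explicit, for example "is usually not used, and the two are not compatible", or naming one concrete difference such as the `./A-Za-z0-9` character set that the `.hash` patterns in this file use.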
Expand All @@ -123,10 +123,8 @@ and does not show the division into prefix, options, salt, and hash.
.ad l
.TP
.B prefix
.ie "\\$1"" \{\
"" (empty string)
.\}
.el "\\$1"
"\\$1"
.if "\\$1"" (empty string)
.TP
.B Encoded passphrase format
\\$2
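Review bot: The new `.if "\\$1"" (empty string)` line under `.B prefix` only reads correctly because the text line `"\\$1"` directly above it has already emitted `""`, so the two lines must stay adjacent and in this order; a short `.\"` comment saying so would keep a later edit from separating them. The comparison also uses `"` as its delimiter, which holds only as long as no prefix argument passed to `.hash` contains a double quote, and that assumption is worth noting in the same comment.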
Expand All @@ -136,10 +134,13 @@ and does not show the division into prefix, options, salt, and hash.
.el \\$3 characters
.ie "\\$4"7" (ignores 8th bit)
.TP
.TP
.B Hash size
\\$6 bits
.if !"\\$5"\\$6" (effectively \\$5)
.if !"\\$5"\\$6" \{
.TP
.B Effective key size
\\$5 bits
.\}
.TP
.B Salt size
\\$7 bits
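Review bot: The new conditional block opens with `.if !"\\$5"\\$6" \{` and nothing after the brace, whereas the conditional removed from the `prefix` entry in the previous hunk was written `\{\`; please confirm in rendered nroff and troff output that the unescaped line end after `\{` does not add a blank line before "Effective key size", or write `\{\` for consistency. The test is a string comparison, so the entry is suppressed only when arguments 5 and 6 are spelled identically; a one-line comment documenting that on the macro's argument list would help whoever adds the next `.hash` call.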
Expand All @@ -154,7 +155,7 @@ and does not show the division into prefix, options, salt, and hash.
.br
yescrypt is a scalable password hashing scheme designed by Solar
Designer, which is based on Colin Percival's scrypt.
.hash "$y$" "\e$y\e$[./A-Za-z0-9]+\e$[./A-Za-z0-9]*\e$[./A-Za-z0-9]{43}" unlimited 8 "" 256 "up to 512" "0 (default), 1 to 11 (logarithmic)"
.hash "$y$" "\e$y\e$[./A-Za-z0-9]+\e$[./A-Za-z0-9]{,86}\e$[./A-Za-z0-9]{43}" unlimited 8 256 256 "up to 512" "1 to 11 (logarithmic)"
.PP
scrypt hashes previously used the "$7$" prefix, yescrypt is backward-compatible with them.
.PP
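Review bot: In the new yescrypt pattern the interval `{,86}` omits its lower bound, a form that POSIX does not define for extended regular expressions and that some regex engines accept only as an extension; `{0,86}` says the same thing portably. The options argument also changes from "0 (default), 1 to 11 (logarithmic)" to "1 to 11 (logarithmic)" and the empty fifth argument becomes 256, and the commit message covers these only by pointing at the review of pull request #27, so a sentence in the message stating what was wrong with the old values would make the change reviewable on its own.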