smb@research.att.com ("Steven M. Bellovin") writes:
> In message <3028.1022196192@itojun.org>, itojun@iijlab.net writes:
> >>	s = salt;	/* or s = hmac_sha512(site-specific-string, salt); */
> >>	for (i = 0; i < num_iterations; i++)
> >>		s = hmac_sha512(password, s);
> Sounds good.  It will take a bit of experimenting to decide what the 
> right default value is for num_iterations.  It would be nice if there 
> were a way to parameterize it in /etc/passwd.conf.

Actually I think the num_iterations should be stored along with the
salt to the encrypted password. This way the num_iterations can be
changed by changing the passwd.conf, and all new passwords would start
using the new num_iterations. Also the default could be something
like:

num_iterations = time(NULL) / div + base;

so it goes up over time, as the cpu speeds go up too... Of course the
div and base could be parameterized in the /etc/passwd.conf too...
-- 
kivinen@ssh.fi
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/