apr-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 49288] New: Add support for stronger cryptographic hashing functions
Date Thu, 13 May 2010 22:23:54 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=49288

           Summary: Add support for stronger cryptographic hashing
                    functions
           Product: APR
           Version: HEAD
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: APR-util
        AssignedTo: bugs@apr.apache.org
        ReportedBy: mathew.binkley@vanderbilt.edu


APR (and thus htpasswd) currently only supports crypt(), MD5, and SHA1-based
passwords.  Moore's law and algorithmic improvements are increasingly making
passwords stored in those hash functions vulnerable to cracking.

It would be beneficial if there were stronger hash functions such as
sha256/512, whirlpool, or pbkdf2 available for use.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org


Mime
View raw message