[cryptography] Oddity in common bcrypt implementation

Marsh Ray marsh at extendedsubset.com
Tue Jun 28 13:07:12 EDT 2011

On 06/28/2011 10:25 AM, Nico Williams wrote:
> But doesn't the AAA server get the password in the clear?

Not in cases like MS-CHAPv2. Most shops seem to "require" the use of it, 
having thrown out classic RADIUS "PAP" along with MS-CHAPv1.

> If so the server can make it right.

Define 'right' when the guy on the other end of the wire was written 
with an older, underspecified version of the spec. Or even with the 
current one.

> It's protocols that use PBKDFs on clients
> that get into trouble (think of DIGEST-MD5, SCRAM, Kerberos, any
> ZKPPs...


- Marsh

More information about the cryptography mailing list