ActiveRbac should provide more than just MD5 hashing by default. Ruby comes with support for SHA1, RMD160, SHA256,
SHA384 and SHA512. Maybe they could all be provided as a choice for the paranoid. For SHA512 the length of the password
field would have to be extended to at least 128 chars.
11/17/06 02:49:13: Modified by manuel
* milestone changed from 0.4 to 2.0.
If someone contributes a unit tested patch to ActiveRBAC then I could add this.
I will not invest time into implementing this, however:
Though it has been shown that you can "decrypt" MD5 (e.g. for a given md(x), you can find one or more y so
that md(y) = md(x)) if you do heavy precomputation, as far as I remember, adding seeds to password one-way-encryption
makes this "decryption" too hard to be practical. The real problem with MD5 and SHA-1 is related to using
it for signing documents digitally. This is not related to our use of MD5.
Postponing this to 2.0 or later, or until someone contributes a patch for this.
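
Added example, not part of the ticket and not ActiveRBAC code: a selectable salted password digest in Ruby, using the stdlib digests MD5, SHA1, SHA256, SHA384 and SHA512, together with the hex column width each choice needs. The module name `SaltedPassword`, its method names and the salt-then-password concatenation are assumptions made for illustration.

```ruby
require 'digest'
require 'securerandom'

# Hypothetical helper (not ActiveRBAC code): salted password digests with a
# selectable algorithm, as the ticket proposes.
module SaltedPassword
  ALGORITHMS = {
    'md5'    => Digest::MD5,
    'sha1'   => Digest::SHA1,
    'sha256' => Digest::SHA256,
    'sha384' => Digest::SHA384,
    'sha512' => Digest::SHA512
  }.freeze

  # Hex characters needed to store one digest (two per output byte).
  def self.hex_length(name)
    fetch(name).new.digest_length * 2
  end

  # Returns [salt, hex_digest]. A fresh random salt is generated per password
  # unless one is passed in (assumed layout: salt prepended to the password).
  def self.create(name, password, salt = SecureRandom.hex(16))
    [salt, fetch(name).hexdigest(salt + password)]
  end

  # Recomputes the digest with the stored salt and compares in constant time.
  def self.verify(name, password, salt, stored)
    candidate = fetch(name).hexdigest(salt + password)
    return false unless candidate.bytesize == stored.bytesize
    diff = 0
    candidate.bytes.zip(stored.bytes) { |a, b| diff |= a ^ b }
    diff.zero?
  end

  # Looks up the digest class, rejecting names outside the allowed set.
  def self.fetch(name)
    ALGORITHMS.fetch(name) { raise ArgumentError, "unknown digest: #{name}" }
  end
end

# Column width (in hex characters) that each algorithm choice requires.
SaltedPassword::ALGORITHMS.each_key do |name|
  puts format('%-6s %3d hex chars', name, SaltedPassword.hex_length(name))
end
```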