[Cryptography Team] Blowfish & Bcrypt in Smalltalk + accessing
crypt(3) through FFI.
Germán Arduino
garduino at gmail.com
Tue May 3 22:30:42 UTC 2011
Hi Paul:
Sorry the delayed response, but I miss this mail in the Crypto list.
Having tried the Blowfish implementation, I think is very good and you
should publish all the stuff (including Bcrypt) in the squeaksource
Cryptography project. Unfortunately I'm only a developer and can't
grant permits to you but I think that soon the administrators will do.
In the maintime if you can send me the latest .mcz of the Blowfish to
continue playing with it I will appreciate.
Cheers and very good job.
Germán.
2011/4/26 Paul DeBruicker <pdebruic at gmail.com>:
> Hi -
>
> I've made a working implementation of the Blowfish algorithm in Pharo, a
> partially broken implementation of Bcrypt in Pharo, and a reliable way to
> access the linux crypt library using FFI in Pharo on linux.
>
> At the moment it takes about 25 seconds to hash a password using my Bcrypt
> implementation in Pharo, which is about 50x too long. So I'm going to try
> to get a FFI version put together or just use SHA512 from the linux crypt
> library. I have learned a lot but don't expect to fix the improper hashing
> as I don't think the fix would cause a massive speed up. I think the hashing
> error is probably an off-by-one error in an array index in the BCrypt class.
> Ruby, Python, Lisp, PHP all access a C or Java library for bcrypt which
> probably should have told me something.
>
> I could either make a SqueakSource repository for all this or put it in the
> Cryptography package. Or I can email anyone the mcz files off list that
> would like them.
>
> Let me know how to proceed when you get a chance.
>
> Thanks
>
> Paul
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
>
More information about the Cryptography
mailing list