[Openstack-security] [Bug 1668503] Re: sha512_crypt is insufficient, use pdkfd_sha512 for password hashing
Morgan Fainberg
morgan.fainberg at gmail.com
Tue Feb 28 05:46:45 UTC 2017
** Changed in: keystone
Importance: Critical => High
** Also affects: keystone/mitaka
Importance: Undecided
Status: New
** Also affects: keystone/pike
Importance: High
Assignee: Morgan Fainberg (mdrnstm)
Status: In Progress
** Also affects: keystone/newton
Importance: Undecided
Status: New
** Also affects: keystone/ocata
Importance: Undecided
Status: New
** Description changed:
- Keystone uses sha512_crypt for password hashing. This is completely
- insufficient and provides limited protection (even with 10,000 rounds)
- against brute-forcing of the password hashes (especially with FPGAs
- and/or GPU processing).
+ Keystone uses sha512_crypt for password hashing. This is insufficient
+ and provides limited protection (even with 10,000 rounds) against brute-
+ forcing of the password hashes (especially with FPGAs and/or GPU
+ processing).
The correct mechanism is to use bcrypt, scrypt, or pbkdf2_sha512 instead
of sha512_crypt.
This bug is marked as public security as bug #1543048 has already
highlighted this issue.
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1668503
Title:
sha512_crypt is insufficient, use pdkfd_sha512 for password hashing
Status in OpenStack Identity (keystone):
In Progress
Status in OpenStack Identity (keystone) mitaka series:
New
Status in OpenStack Identity (keystone) newton series:
New
Status in OpenStack Identity (keystone) ocata series:
New
Status in OpenStack Identity (keystone) pike series:
In Progress
Status in OpenStack Security Advisory:
Incomplete
Bug description:
Keystone uses sha512_crypt for password hashing. This is insufficient
and provides limited protection (even with 10,000 rounds) against
brute-forcing of the password hashes (especially with FPGAs and/or GPU
processing).
The correct mechanism is to use bcrypt, scrypt, or pbkdf2_sha512
instead of sha512_crypt.
This bug is marked as public security as bug #1543048 has already
highlighted this issue.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1668503/+subscriptions
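As an added illustration of the mitigation the report recommends (pbkdf2_sha512, spelled "pdkfd_sha512" in the bug title), and not code from Keystone or from the bug report: hashing and verifying with PBKDF2-HMAC-SHA512 from the Python standard library, a rehash policy that flags sha512_crypt ($6$) hashes and under-provisioned round counts, and a login path that replaces a verified legacy hash in place. The stored-hash layout, the round counts and the legacy_verify callback are assumptions of this example.

```python
# Added example, not Keystone's code: PBKDF2-HMAC-SHA512 password hashing with a
# policy that flags legacy sha512_crypt ($6$...) hashes for rehash on next login.
# Layout $pbkdf2-sha512$<rounds>$<salt b64>$<digest b64> is this example's own.
import base64
import hashlib
import hmac
import os
from typing import Callable, Optional

SCHEME = "pbkdf2-sha512"
DEFAULT_ROUNDS = 210_000  # assumed policy value for this example
MIN_ROUNDS = 100_000      # hashes below this are flagged for rehash


def hash_password(password: str, rounds: int = DEFAULT_ROUNDS,
                  salt: Optional[bytes] = None) -> str:
    """Return a self-describing hash string; salt is 16 random bytes unless given."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, rounds)
    return f"${SCHEME}${rounds}${base64.b64encode(salt).decode()}${base64.b64encode(digest).decode()}"


def _parse(stored: str):
    # Split a stored hash into (rounds, salt, digest); None if it is not our scheme.
    parts = stored.split("$")
    if len(parts) != 5 or parts[1] != SCHEME:
        return None
    try:  # binascii.Error from bad base64 is a ValueError subclass
        return int(parts[2]), base64.b64decode(parts[3]), base64.b64decode(parts[4])
    except ValueError:
        return None


def verify_password(password: str, stored: str) -> bool:
    parsed = _parse(stored)
    if parsed is None:
        return False  # sha512_crypt and unknown formats never verify here
    rounds, salt, digest = parsed
    candidate = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, rounds)
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


def needs_rehash(stored: str) -> bool:
    """True for sha512_crypt, any unknown format, or too few PBKDF2 rounds."""
    parsed = _parse(stored)
    return parsed is None or parsed[0] < MIN_ROUNDS


def login_and_upgrade(password: str, stored: str,
                      legacy_verify: Callable[[str, str], bool]) -> Optional[str]:
    """Authenticate; on success return the hash to keep, upgraded when needed."""
    legacy = stored.startswith("$6$")
    ok = legacy_verify(password, stored) if legacy else verify_password(password, stored)
    return None if not ok else (hash_password(password) if needs_rehash(stored) else stored)
```

The legacy_verify callback stands in for whatever still checks the old $6$ hashes during the migration window; once every stored hash passes needs_rehash, that path can be removed.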