Authentication protocols that DO support hashed passwords
Alan DeKok
aland at deployingradius.com
Thu Nov 13 17:31:13 CET 2014
Stefan Winter wrote:
> It's true that it has not been exposed much, the main and only argument
> being "the crypto is complex and has not been tested enough by
> cryptographers". IMHO, cryptopgraphy researchers should GET GOING and
> evaluate it instead of complaining that their community hasn't evaluated
> it enough yet.
Dan Harkins isn't a well known cryptographic researcher. He's done a
lot more work in the space than I have in the space. But the "cabal" of
cryptographic researchers don't know him very well.
So.. they ignore what he's done. I don't really see that changing,
unless people start deploying EAP-PWD. Then, the researchers can get
papers published by criticizing his work.
Alan DeKok.
More information about the Freeradius-Users
mailing list