Salted Sha512?

Alan DeKok aland at deployingradius.com
Thu Jan 15 02:09:03 CET 2015


On Jan 14, 2015, at 7:55 PM, Robert Graham <robert_graham at uhaul.com> wrote:
> Would it be possible to integrate Salted SHA-512 into freeradius.

  Yes.

> I did
> speak with our contact with the PCI Compliance team and they are saying
> that the information has to be SHA-512/Salted... In the next few years
> they are talking about SHA-3 if it gets finalized.
> 
> I would really appreciate if someone on the team could do this :)

  Can you send some sample SSHA passwords?  e.g. ones where the password is “test” or “hello”,   Include the salt, the hex form of the SHA2 password, the clear-text password, and which SHA method you used.

  We’ll use that to create test vectors.

  This code should go into the next release of version 2.  Security things like this are OK.

  Alan DeKok.



More information about the Freeradius-Users mailing list