Is there any information on adding support for Argon2? I have been working on my new mailserver and this came up in moving from the default MD5 hash to more 'modern' hashes like SHA256 and SHA512.? Then I was pointed to the work behind Argon2, and I see that it is moving through the IRTF cfrg workgroup: draft-irtf-cfrg-argon2-04.txt It is a 'purpose built' hash for passwords, with recommendations that new implementations use it.? Of course can't use it if crypt does not support it.... thanks
Am 13.02.2019 um 14:18 schrieb Robert Moskowitz:> Is there any information on adding support for Argon2?Did you check the RHEL 8 beta? Alexander
The version of libsodium in EPEL supports argon2 For php you can build the libsodium extension. Also php 7.2+ builds that extension if you specify it build time using --with-sodium=shared switch. For dovecot you have to build it against sodium which means building your own packages but it works. At least with modern upstream dovecot. On 2/13/19 5:18 AM, Robert Moskowitz wrote:> Is there any information on adding support for Argon2? > > I have been working on my new mailserver and this came up in moving from > the default MD5 hash to more 'modern' hashes like SHA256 and SHA512. > Then I was pointed to the work behind Argon2, and I see that it is > moving through the IRTF cfrg workgroup: > > draft-irtf-cfrg-argon2-04.txt > > It is a 'purpose built' hash for passwords, with recommendations that > new implementations use it.? Of course can't use it if crypt does not > support it.... > > thanks > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos
I found that EPEL has argon2-20161029-2, but the dovecot 2.2.36 in C7 does not use it. If I were to compile dovecot 2.3, it comes with argon2 built in. I don't want to get into the build business, I have other things demanding my time.? It would be nice to have argon2, but my server is small, and sha512 is a lot better than md5. On 2/13/19 1:57 PM, Alice Wonder wrote:> The version of libsodium in EPEL supports argon2 > > For php you can build the libsodium extension. Also php 7.2+ builds > that extension if you specify it build time using --with-sodium=shared > switch. > > For dovecot you have to build it against sodium which means building > your own packages but it works. At least with modern upstream dovecot. > > On 2/13/19 5:18 AM, Robert Moskowitz wrote: >> Is there any information on adding support for Argon2? >> >> I have been working on my new mailserver and this came up in moving >> from the default MD5 hash to more 'modern' hashes like SHA256 and >> SHA512. Then I was pointed to the work behind Argon2, and I see that >> it is moving through the IRTF cfrg workgroup: >> >> draft-irtf-cfrg-argon2-04.txt >> >> It is a 'purpose built' hash for passwords, with recommendations that >> new implementations use it.? Of course can't use it if crypt does not >> support it.... >> >> thanks >> >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> https://lists.centos.org/mailman/listinfo/centos > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos