Comment by throw0101a

14 hours ago

For those unaware, PHK created (amongst other things) the MD5crypt password hashing algorithm ($1$…). It came before bcrypt (1999), scrypt (2009), SHA2crypt (2016), etc, and was committed in 1994:

* https://svnweb.freebsd.org/base/head/lib/libcrypt/crypt.c?re...

* https://github.com/freebsd/freebsd-src/commit/3b2b7f71deba2a...

* https://phk.freebsd.dk/sagas/md5crypt/

* https://en.wikipedia.org/wiki/Poul-Henning_Kamp

To clarify: not MD5 itself. It was created in 1991 by Ron Rivest. (It is my experience that knowledge of these things isn't as widely distributed as one might hope.)

I first came across it in 1995/1996: Wow, what a magical tool for backend web stuff! I used it for everything.

Okay.

What qualifications does phk have that are relevant to the current subject?

  • He has a daughter and thus does not want to worry about her online well-being yet (see article).

    But I believe that's misplaced, because she will be vulnerable as an adult, and there was never a way to produce encryption which was not easy to turn to non-crackable encryption for those not wanting to play along with national laws.