To be fair the DEK-Info IV should be different for each key generated, so rainbow tables and other common precomputation attacks are pretty much out of the question.
It's not as good as PBKDF2, but it's better than nothing and is probably why stretching isn't used.
As for the argument about being susceptible to a dictionary attack, well, if you go to the trouble of using key-based auth and then use a dictionary word, you're kind of asking for it really.
> To be fair the DEK-Info IV should be different for each key generated, so rainbow tables and other common precomputation attacks are pretty much out of the question.
That's valid; however, when you can compute 33.1B MD5 hashes a second, who needs rainbow tables? http://blog.zorinaq.com/?e=43
Six and seven digit passphrases are easily brute-forced.
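To make the cost comparison in this thread concrete, here is an added example (mine, not from either poster or OpenSSL) that reimplements the legacy DEK-Info key derivation (OpenSSL's EVP_BytesToKey with MD5 and a single round, where only the first 8 IV bytes act as salt) and counts hash calls per passphrase guess next to a PBKDF2 derivation. The DEK-Info line and passphrases are constructed for illustration.

```python
import hashlib

# Constructed DEK-Info header as it appears in a legacy (traditional) PEM key.
# The hex IV below is illustrative only, not taken from any real key.
DEK_INFO = "DEK-Info: AES-128-CBC,0A1B2C3D4E5F60718293A4B5C6D7E8F9"

# Key sizes for the ciphers commonly seen in DEK-Info headers.
CIPHER_KEY_LEN = {"DES-EDE3-CBC": 24, "AES-128-CBC": 16, "AES-256-CBC": 32}


def parse_dek_info(line: str) -> tuple[str, bytes]:
    """Split 'DEK-Info: <cipher>,<hex iv>' into (cipher name, iv bytes)."""
    _, value = line.split(":", 1)
    cipher, iv_hex = value.strip().split(",", 1)
    return cipher, bytes.fromhex(iv_hex)


def legacy_pem_kdf(passphrase: bytes, iv: bytes, key_len: int) -> tuple[bytes, int]:
    """EVP_BytesToKey(MD5, count=1): D_i = MD5(D_{i-1} || passphrase || salt).

    EVP_BytesToKey takes an 8-byte salt, so only iv[:8] feeds the derivation.
    Returns (key, number of MD5 calls) so the per-guess cost is visible:
    one call for a 16-byte key, two for 24 or 32 bytes. No stretching.
    """
    salt = iv[:8]
    key, prev, calls = b"", b"", 0
    while len(key) < key_len:
        prev = hashlib.md5(prev + passphrase + salt).digest()
        calls += 1
        key += prev
    return key[:key_len], calls


def stretched_kdf(passphrase: bytes, iv: bytes, key_len: int,
                  iterations: int = 100_000) -> tuple[bytes, int]:
    """PBKDF2-HMAC-SHA256 over the same salt: every guess costs `iterations` rounds."""
    key = hashlib.pbkdf2_hmac("sha256", passphrase, iv[:8], iterations, key_len)
    return key, iterations


def per_key_iv_changes_key(passphrase: bytes, iv_a: bytes, iv_b: bytes) -> bool:
    """The first poster's point: a distinct IV per key yields a distinct derived key,
    so a table precomputed for one key does not apply to another."""
    return legacy_pem_kdf(passphrase, iv_a, 16)[0] != legacy_pem_kdf(passphrase, iv_b, 16)[0]
```

Note that two keys whose IVs differ only in bytes 9 to 16 derive the same legacy key for a given passphrase, since the salt is truncated to 8 bytes.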