wa371@sdcc12.UUCP (wa371) (05/03/85)
Can anyone tell me how secure 'crypt' is on a UNIX system? Lets assume that the password is secure and not obvious. Thanks, Bernd R. Bernd 'bear-nd' *** hooray for USENET *** (Not affiliated with, nor speaking for U.C. San Diego) UUCP: ...!ucbvax!sdcsvax!sdcc12!wa371, ARPA: sdcsvax!sdcc12!wa371@nosc
brooks@lll-crg.ARPA (Eugene D. Brooks III) (05/05/85)
> Can anyone tell me how secure 'crypt' is on a UNIX system? > Lets assume that the password is secure and not obvious. > Thanks, > Bernd R. > > Bernd 'bear-nd' *** hooray for USENET *** > (Not affiliated with, nor speaking for U.C. San Diego) > UUCP: ...!ucbvax!sdcsvax!sdcc12!wa371, ARPA: sdcsvax!sdcc12!wa371@nosc I understand that there is unreleased program at Bell Labs that can crack crypt in short order on a vax. This is not surprising as crypt is based on the enigma that was cracked before the days of computers. *** REPLACE THIS LINE WITH YOUR MESSAGE ***
goldman@umn-cs.UUCP (Matthew D. Goldman ) (05/06/85)
In article <287@sdcc12.UUCP> wa371@sdcc12.UUCP (wa371) writes: >Can anyone tell me how secure 'crypt' is on a UNIX system? >Lets assume that the password is secure and not obvious. >UUCP: ...!ucbvax!sdcsvax!sdcc12!wa371, ARPA: sdcsvax!sdcc12!wa371@nosc Around here the only people who use crypt are the professors. They use it in an attempt to keep the systems staff from reading the midterms. Crypt is not very secure. (we don't read the midterms because we like our jobs :-)) -- ------- Matthew Goldman Computer Science Department University of Minnesota ...ihnp4{!stolaf}!umn-cs!goldman Home is where you take your hat off... Banzai!
smb@ulysses.UUCP (Steven Bellovin) (05/07/85)
> Can anyone tell me how secure 'crypt' is on a UNIX system? > Lets assume that the password is secure and not obvious. > Thanks, > Bernd R. > > Bernd 'bear-nd' *** hooray for USENET *** > (Not affiliated with, nor speaking for U.C. San Diego) > UUCP: ...!ucbvax!sdcsvax!sdcc12!wa371, ARPA: sdcsvax!sdcc12!wa371@nosc It isn't secure at all. The recent special UNIX issue of the AT&T Technical Journal (a.k.a. the AT&T Bell Laboratories Technical Journal, a.k.a. the Bell System Technical Journal) had a paper by Peter Weinberger and Jim Reeds on how to crack it....
fleep@reed.UUCP (Philip Ljubicich) (05/08/85)
In article <287@sdcc12.UUCP> wa371@sdcc12.UUCP (wa371) writes: >Can anyone tell me how secure 'crypt' is on a UNIX system? >Lets assume that the password is secure and not obvious. >Thanks, >Bernd R. > >Bernd 'bear-nd' *** hooray for USENET *** >(Not affiliated with, nor speaking for U.C. San Diego) >UUCP: ...!ucbvax!sdcsvax!sdcc12!wa371, ARPA: sdcsvax!sdcc12!wa371@nosc Although I can't answer the main question, I can give you something to look out for. I was cleaning up my files one day while my friend was encrypting some files. I did a 'w' command to find out why the load average was so high, and low and behold I see my friend has done the command 'crypt franklin < diary > temp'. It is possible for someone to pickup your password by accident, or intentionally, if they are monitoring the processes running while you are encrypting. I realize that this isn't what was requested, but I thought it might be useful. Good luck, fleep (Philip Ljubicich)
dww@stl.UUCP (David Wright) (05/09/85)
In article <566@lll-crg.ARPA> brooks@lll-crg.ARPA (Eugene D. Brooks III) writes: >I understand that there is unreleased program at Bell Labs that can >crack crypt in short order on a vax. This is not surprising as crypt is >based on the enigma that was cracked before the days of computers. > Or as I understand it was partly responsible for the creation of computers! - it was cracking Enigma codes that Turing etc developed the first programmable electronic digital computers for. (At Blechley Park, near Milton Keynes, UK).