martinl@molihp.UUCP (Martin M Lacey) (11/29/85)
Does anyone have the source for crypt, or perhaps the algorithms that is uses. I would greatly apreciate the info and would be happy to summerize for the net. Thanx in advance. Martin the Magician. Bzzzzzzzzzz........ZAP!!!
wcs@ho95e.UUCP (Bill.Stewart.4K435.x0705) (11/30/85)
In article <113@molihp.UUCP> martinl@molihp.UUCP (Martin M Lacey) writes: > Does anyone have the source for crypt, or perhaps the > algorithms that is uses. I would greatly apreciate the info > and would be happy to summerize for the net. To get source for standard UNIX commands, you need a Source License from AT&T. If you read whatever UNIX license you do have (probably 4.2BSD?) it will tell you what you can and can't do with UNIX source and binaries; posting AT&T-developed source to the net is one of the things you CAN'T do. Posting Berkeley-derived source to the net depends on the specific license agreement you have. If you get your UNIX support as a binary sublicense from someone (I assume you do, since you'd have source otherwise) they may have placed additional restrictions on what you can do. Read your licenses. The phone number for AT&T UNIX Sales in the USA is 1-800-828-UNIX; I'm sorry I don't know an internationally usable number (they're in Greensboro N.C.) Crypt existed as part of Version 7 UNIX (or earlier?), so a V7 source license will let you read the source. Also, crypt was discussed in a recent AT&T Technical Journal (about October 1984). As the manual page says, it's a 256-element one-rotor Enigma machine; you can break it if you're good at that sort of stuff and/or read the article, but it's still a bit of work. Some later AT&T versions have a 3-rotor machine, which is harder to break, and there are DES-based crypt's out there also. The crypt(3) subroutine is different - it's a modified DES algorithm (less guaranteed security, but it's not the original algorithm so your hardware DES box can't help you.) Footnotes: All this discussion is my own interpretation and not an official pronouncement from AT&T. UNIX is a trademark of... etc. -- ## Bill Stewart, AT&T Bell Labs, Holmdel NJ 1-201-949-0705 ihnp4!ho95c!wcs
pdg@ihdev.UUCP (P. D. Guthrie) (12/01/85)
In article <113@molihp.UUCP> martinl@molihp.UUCP (Martin M Lacey) writes: > > Does anyone have the source for crypt, or perhaps the > algorithms that is uses. I would greatly apreciate the info > and would be happy to summerize for the net. > > Thanx in advance. > > Martin the Magician. > > Bzzzzzzzzzz........ZAP!!! You can't get the source without a V7 lisense, but here's a couple of pointers. The DES algorithm is clearly outlined (as a PASCAL program) in: Computer Networks by Andrew S. Tanenbaum, and a detailed description on the slightly different Unix algorithm is described in AT&T Bell Labs Technical Journal V63 No.8 Part 2 "The Unix System", in an article called "File Security and the UNIX system crypt command". Paul Guthrie ihnp4!ihdev!pdg UNIX is a tm of AT&T Bell Laboratories. { + other neccessary disclaimers}
clewis@mnetor.UUCP (Chris Lewis) (12/03/85)
In article <113@molihp.UUCP> martinl@molihp.UUCP (Martin M Lacey) writes: > > Does anyone have the source for crypt, or perhaps the > algorithms that is uses. I would greatly apreciate the info > and would be happy to summerize for the net. Note that Martin is from Vancouver *Canada* before you send the crypt *command* to him. You might get into a lot of trouble with the NSA if you ship crypt sources or binaries outside the US. "crypt", since it is an implementation of the DES, is a export-restricted item and requires an export license. That's why the international versions of UNIX don't have the command. AT&T got into trouble with it in Version 7. The password "crypt" subroutine is not-quite DES, but you still might have some trouble if somebody finds out. -- Chris Lewis, UUCP: {allegra, linus, ihnp4}!utzoo!mnetor!clewis BELL: (416)-475-8980 ext. 321