brad@cayman.COM (Brad Parker) (03/16/88)
I have a couple of questions about crypt(3). 1. Is there any public domain code to implement it? (has it been "cloned"), or is the unix library code the only very in the world? 2. Is crypt(3) the same on all unix machines? i.e. can one encoded password be tested on ANY unix machine? (SUN's YP (yellow pages) seems to reply on this fact, so it would seem to be true) 3. What is the status of crypt? Is this code, since it's part of the unix release, strongly protected by A. T. & T. ? Is the algorithm obvious and in the public domain? (I have always believed that it is a trade secret/proprietary, but I'm curious what others may know/believe) I would like to encrypt unix passwords on a non-unix machine in order to validate users (imagine authenticating Unix based passwords on a non-unix machine). Does any one else do this or need this service? Currently "pcnfsd" (shipped with PC/NFS from Sun) does this via an RPC. Even though this works (we use it), I'm interested in any other viable solutions. Thanks for any/all responses. -brad ps: I posted this once before; I'm afraid it did not get out. Sorry if it did. -- Brad Parker Cayman Systems "You are sleeping; you don't want to believe..." brad@Cayman.com - from a (yet another) Smith's tune
speicher@mitre.arpa (03/19/88)
crypt(3) uses an algorithm based on the DES. Basically, the routine encrypts a constant using the password as a key. The question of compatibility arises when it is possible to redefine this constant. Some systems, SYSV comes to mind, allow you to redefine this constant with the "setkey()" routine. Typically, the constant is NULL. The main difference that I know of between the standard implementation of the DES and crypt(3) is that crypt encrypts the constant many times. This was originally designed to make it difficult for "brute force" crypt breakers, because potential passwords take a substantial amount of CPU time to compute. The passwords are never decrypted. When the system asks for a password, it encrypts the constant using the password as the key. It also uses a "salt" value. This value shows up in the encrypted string as the first two characters of that string. According to the manual entry for crypt(3), the salt is used to "perturb the hashing algorithm", making it difficult for identical passwords to produce identical encrypted strings. When the password in "/etc/passwd" is created, the system clock value at the time is sampled and "bit fiddled" to produce the salt. The end result is that any password can be encrypted 4096 different ways. I'm not aware that the Unix password encryption routines are in the public domain. However, I do have a copy of "des" that I got from "comp.sources.unix". I will mail you the shell archive. By the way, I personally don't trust the DES. The last I heard, the analysis behind the selection box matrix is still classified by NSA. It's very possible that there is a built in "trap door" to quickly decipher in case of national emergency. I don't like the idea of ANYONE having the keys to break an encryption scheme that is in widespread use. Clay speicher@mitre.arpa "I am not Herbert"