Path: utzoo!attcan!uunet!samsung!uakari.primate.wisc.edu!dali.cs.montana.edu!rpi!image.soe.clarkson.edu!sunybcs!dsinc!unix.cis.pitt.edu!gvlv2!lock60!rdb1!root
From: root@rdb1.UUCP (Robert Barrell)
Newsgroups: comp.unix.questions
Subject: Re: How secure is UNIX?
Summary: What about CBW?
Keywords: Security, ftp
Message-ID: <207@rdb1.UUCP>
Date: 13 Jun 90 11:36:41 GMT
References: <1990Jun4.102422.12896@agate.berke <1752@necis <8480@crdgw1.crd.ge.com>
Organization: Cody Computer Services
Lines: 26

In article <8480@crdgw1.crd.ge.com>, volpe@underdog.crd.ge.com (Christopher R Volpe) writes:
> Wait a minute. It sounds to me like Dan is claiming that with a 10
> (or 20) line C program, he was able to find an arbitrary password
> (with uppercase and numerals) via encryption....
>...
> He says he didn't use /usr/dict/words or any sort of [word list] at all,
> which implies something along the lines of an exhaustive search.
> I find that highly unlikely, considering that the password encryption
> mechanism is an implementation of DES, which uses a 56 bit key.
> A brute force search of the keyspace is pretty unfeasible. Perhaps
> I misunderstood the claim.

Instead of performing an exhaustive search on passwords, perhaps Dan is
doing something by running through all the possible 2-character salt values
on the encrypted password. Even so, isn't crypt() supposed to "rotate" so many
times anyway to defeat such an attempted decryption?

Also, what about the CBW (Crypt-Breaker's Workshop) programs? I believe
they are only for entire files that have been encrypted, but don't know if they
are useful for passwords or not.

-- 
Robert Barrell      | ...!cbmvax!gvlv2!lock60!rdb1!root | Cody Computer Services
Milo's Meadow BBS   | root@rdb1.canal.org               | 55 East High Street
login: nuucp or bbs |-----------------------------------| Pottstown, PA 19464
(215) 323-0497      | Business and Police Dept Software | (215) 326-7476