Path: utzoo!attcan!utgpu!news-server.csri.toronto.edu!mailrus!uwm.edu!rpi!zaphod.mps.ohio-state.edu!uakari.primate.wisc.edu!xanth!mcnc!decvax.dec.com!zinn!ubbs-nh!siia!drd
From: drd@siia.mv.com (David Dick)
Newsgroups: comp.os.minix
Subject: Re: Crypt()
Message-ID: <1990Jun29.222218.4942@siia.mv.com>
Date: 29 Jun 90 22:22:18 GMT
References: <22918@nigel.udel.EDU>
Organization: Software Innovations, Inc.
Lines: 26

In <22918@nigel.udel.EDU> archer%segin4.segin.fr@prime.com (Vincent Archer) writes:

>There's a solution that will satisfy everyone: use a scrambler rather than a
>crypter. A scrambler's output is not reversible (like passwords in /etc/passwd
>should be), so scramblers algorithm are not considered as "sensible material".
>Unfortunately, I do not have a scrambler algorithm at hand, but here's an idea:

>- Create a 64*64 matrix of bits, using somehow the password and the salt. An
>  example of a good matrix output would be the set of bits generated by the
>  crc algorithm applid on a cyclic pattern taken from the password, skipping
>  the first "salt" bits.
>- Multiply the vector of bits from the password by this matrix. You get a
>  new vector of bits that is the "scrambled" password, which you put in your
>  /etc/passwd (or use in /bin/login, /usr/bin/su, or any program that strikes
>  your fancy).

>  I sincerely doubt that this function would be reversible. If anybody can
>  think of an algorithm that (even with the salt value) gives back the original
>  password, well, maths can do wonders :-)

I don't think there is any particular reason to believe
this is a non-reversible function.  I also don't understand
the distinction you are drawing between "crypters" and "scramblers".

David Dick
Software Innovations, Inc. [the Software Moving Company(sm)]