Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site ulysses.UUCP
Path: utzoo!watmath!clyde!cbosgd!gatech!ulysses!smb
From: smb@ulysses.UUCP (Steven Bellovin)
Newsgroups: net.crypt,net.bugs.v7,net.bugs.4bsd
Subject: Re: Re: crypt 3 is OK, but setkey and encrypt 3 NOT
Message-ID: <1065@ulysses.UUCP>
Date: Mon, 26-Aug-85 16:11:33 EDT
Article-I.D.: ulysses.1065
Posted: Mon Aug 26 16:11:33 1985
Date-Received: Wed, 28-Aug-85 20:35:31 EDT
References: <4958@allegra.UUCP> <683@vu44.UUCP> <517@baylor.UUCP>
Distribution: net
Organization: AT&T Bell Laboratories, Murray Hill
Lines: 11
Xref: watmath net.crypt:442 net.bugs.v7:207 net.bugs.4bsd:1714

> OK. The documentation on 4.2 crypt doesn't mention DES. I seem to remember
> reading in some security paper somewhere that crypt used a deliberately
> flawed version of DES so DES chips couldn't be used for a fast exhaustive
> search. Anyone actually have the paper involved (I read it in a manual
> rack on the 5th floor of Evans while waiting for printout), so they can
> confirm or deny this vicious rumor?

The paper is "Password Security:  A Case History", by Thompson and Morris.
It's in the 4.2 documentation, and was also published in CACM, November, 1979.
The paper is well worth reading if you're at all interested in password
security.