Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!ut-sally!utah-cs!utah-gr!stride!tahoe!unsvax!jimi!robert
From: robert@jimi.cs.unlv.edu (Robert Cray)
Newsgroups: sci.crypt
Subject: Re: DES info wanted
Message-ID: <566@jimi.cs.unlv.edu>
Date: Fri, 8-May-87 21:34:22 EDT
Article-I.D.: jimi.566
Posted: Fri May  8 21:34:22 1987
Date-Received: Sun, 10-May-87 05:49:16 EDT
References: <2071@hoptoad.uucp> <599@umnd-cs.D.UMN.EDU> <18742@ucbvax.BERKELEY.EDU>
Reply-To: robert@jimi.UUCP (Robert Cray)
Distribution: world
Organization: University of Nevada, Las Vegas
Lines: 18
Keywords: DES, uses other

In article <18742@ucbvax.BERKELEY.EDU> rotondo@ernie.Berkeley.EDU.UUCP (Scott Rotondo) writes:
>DES is used in the Unix crypt(3) function (NOT crypt(1)) to encode passwords.
>The algorithm is DES except that the initial permutation is altered to one
>of 4096 possibilities by the first two characters in the passwd file entry,
>known as "salt" bits.  This makes it impossible to encrypt common words
>and then check them against all the passwd entries looking for a match.
>

You are correct, however I would add that there exist implimentations of
crypt(3) that are fairly fast (Bob Baldwin's fdes) -- when I tried it, it
could run through about 50,000 calls to fcrypt(3) (on an 11/780) in
about 45 minutes. Given a few days, someone with bad intentions could
easily check a list of "common" words against every user (each word
would have to be re-encrypted for every user).  The same is true for the
password-encryption on VMS, except that the VMS routines (that were posted
to the net) go through about 50k words in ~11 minutes.

					--robert