Path: utzoo!mnetor!uunet!husc6!hao!oddjob!gargoyle!ddsw1!dnelson
From: dnelson@ddsw1.UUCP (Douglas Nelson)
Newsgroups: sci.crypt
Subject: Re: Is DES breakable with a known-plaintext attack?
Message-ID: <504@ddsw1.UUCP>
Date: 27 Jan 88 18:41:41 GMT
References: <1449@crlt.UUCP>
Reply-To: dnelson@ddsw1.UUCP (Douglas Nelson)
Organization: Traveller's Aid, Mundelein, IL
Lines: 24
Keywords: DES known plaintext


I saw an interesting program used by hackers on Unix in order to hack away
at passwords encrypted in the /etc/passwd file.

Basically the program took a plaintext word from the /use/dict/words file,
a large spellcheck dictionary found on most System V/BSD/Etc sytems anymore,
crypted the plaintext (using crypt() ) the compared it using strcmp against
the password field in the /etc/passwd file.

Seemed quite effective if your passwords were standard plaintext english words.

What exactly is the fate of the standard DES encryption method?  I am a person
that has very little knowledge of DES or encryption, but have a growing interest.

From my understanding it was dropped as the national standard, and a new
chip-type of encryption method is going to be used(?)

Any help to my ignorant mind would be greatly appreciated...!


------------------
Douglas Nelson
dnelson@ddsw1.UUCP
------------------