Path: utzoo!mnetor!uunet!husc6!mit-eddie!jbs
From: jbs@eddie.MIT.EDU (Jeff Siegal)
Newsgroups: sci.crypt
Subject: Re: Crypt() hackers
Message-ID: <8045@eddie.MIT.EDU>
Date: 3 Feb 88 17:55:38 GMT
References: <538@ddsw1.UUCP>
Reply-To: jbs@eddie.MIT.EDU (Jeff Siegal)
Organization: MIT, EE/CS Computer Facilities, Cambridge, MA
Lines: 15

In article <538@ddsw1.UUCP> dnelson@ddsw1.UUCP (Douglas Nelson) writes:
>I heard something about the regular old crypt() on most versions of Unix has
>been cracked by a program???

Not crypt() the library routine--crypt the program.  If you have files
encrypted using the crypt program, they can be attacked easily (i.e.
by someone without any knowledge of codebreaking) using Bob Baldwin's
"Crypt Breaker's Workbench" (cbw).  

Bob's fdes package speeds up the crypt() routine by a factor of
20-100, so brute force attacks become more attractive (e.g. throwing
/usr/dict/words at the password file) but, in general, crypt() is not
know to have been broken.

Jeff Siegal