Path: utzoo!attcan!uunet!husc6!mailrus!ames!pasteur!ucbvax!nav.icst.nbs.gov!rbj
From: rbj@nav.icst.nbs.gov (Root Boy Jim)
Newsgroups: comp.protocols.tcp-ip
Subject: shadow passwords?
Message-ID: <8811230204.AA09141@nav.icst.nbs.gov>
Date: 23 Nov 88 02:04:34 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: National Institute of Standards and Technology
Lines: 23

? From: rick@seismo.css.gov (Rick Adams)

? A better implementation of shadow passwords is not to replace
? the encrypted password field with * or something obvious, but to
? replace it with the correct number of random characters. Let the
? wouldbe cracker TRY and decrypt something that isn't encrypted!

? --rick

My point exactly, except that DES is dense, that is, given all possible
64 bit codes input codes, all possible 64 bit codes will be generated.
Upon reflection, this is obvious; were it not so, the algorithm would
be unreversible (impossible to decrypt). BTW, there are four keys which
which when applied twice reproduce the plaintext. That is,
des_encrypt(des_encrypt(plaintext)) = plaintext. Two of them are all
zeros and all ones. I don't know what the other two are.

Of course, even with successful cracking in the above case, they wouldn't
match the data in the shadow file.

	(Root Boy) Jim Cottrell	(301) 975-5688
	<rbj@nav.icst.nbs.gov> or <rbj@icst-cmr.arpa>
	Crackers and Worms -- Breakfast of Champions!