Xref: utzoo comp.unix.wizards:13850 news.admin:4448
Path: utzoo!attcan!uunet!mcvax!hp4nl!ruuinf!piet
From: piet@ruuinf (Piet van Oostrum)
Newsgroups: comp.unix.wizards,news.admin
Subject: Re: Password security - Another idea
Message-ID: <949@ruuinf.UUCP>
Date: 4 Jan 89 13:27:57 GMT
References: <228@sea375.UUCP> <4497@xenna.Encore.COM> <2271@pompeii.cs.swarthmore.edu> <230@ibd.BRL.MIL> <946@ruuinf.UUCP> <10629@rpp386.Dallas.TX.US>
Sender: piet@ruuinf.UUCP
Reply-To: piet@ruuinf (Piet van Oostrum)
Followup-To: comp.unix.wizards
Organization: Dept of Computer Science, University of Utrecht, Holland
Lines: 16
In-reply-to: jfh@rpp386.Dallas.TX.US (The Beach Bum)

In article <10629@rpp386.Dallas.TX.US>, jfh@rpp386 (The Beach Bum) writes:
`
`No - you are still only storing 56 bits of password data.  What you
`are doing is providing a multi-way encryption algorithm, you are not
`expanding the key space.
`
`Since there are only 2^56 possible outputs, and 2^132 inputs, some of
`them must map onto other encrypted passwords - a multi-way encryption.
`
You are right, only it is 2^64 (the key for DES is 56 bits, but the output
is 64 bits), so this still gives an 8 bit improvement, making it 128 times
as hard.
-- 
Piet van Oostrum, Dept of Computer Science, University of Utrecht
Padualaan 14, P.O. Box 80.089, 3508 TB Utrecht, The Netherlands
Telephone: +31-30-531806        UUCP: ...!mcvax!hp4nl!ruuinf!piet