Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!philabs!seismo!hao!hplabs!sri-unix!edhall@rand-unix
From: edhall%rand-unix@sri-unix.UUCP
Newsgroups: net.unix-wizards
Subject: Re:  Security...
Message-ID: <2742@sri-arpa.UUCP>
Date: Fri, 1-Jul-83 13:48:00 EDT
Article-I.D.: sri-arpa.2742
Posted: Fri Jul  1 13:48:00 1983
Date-Received: Thu, 7-Jul-83 20:44:46 EDT
Lines: 13

UNIX `salts' its passwords with a 12-bit random number so that
identical plaintext has only a one-out-of-4096 chance of producing
the same cyphertext.  The first two characters of the encrypted
password represent this `salt'.  The salt is used to permute a
lookup table in the DES encryption algorithm.

Modifying the DES algorithm used for password encryption in this way
also keeps someone from making a fast password-search device using a
DES chip (unless the salt just happened to be that one-out-of-4096th
combination that corresponds to the actual DES standard; perhaps this
particular salt should be inhibited).

		-Ed