Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: notesfiles
Path: utzoo!watmath!clyde!cbosgd!ihnp4!zehntel!hplabs!hp-pcd!uokvax!emks
From: emks@uokvax.UUCP (emks)
Newsgroups: net.crypt
Subject: Re: Orphaned Response
Message-ID: <12900003@uokvax.UUCP>
Date: Mon, 7-Jan-85 10:27:00 EST
Article-I.D.: uokvax.12900003
Posted: Mon Jan  7 10:27:00 1985
Date-Received: Mon, 21-Jan-85 06:28:06 EST
References: <-654800@brl-tgr.UUCP>
Lines: 56
Nf-ID: #R:brl-tgr:-654800:uokvax:12900003:37777777600:2197
Nf-From: uokvax!emks    Jan 16 07:27:00 1985

/***** uokvax:net.crypt / mit-eddi!menageri /  9:54 pm  Dec 16, 1984 */
Can anyone out there tell me how passwords are encoded on Unix? ...
		... Please note that I am *NOT* trying to break the
encryption, I just want to know specifically how it is done, so please
don't flame at me about the possibility/impossibility of breaking it. 

Thanks in advance.
					greg
/* ---------- */
Greg,

The actual source code that does the encryption is considered "proprietary"
under the provisions of the UNIX* license agreement, but the /bin/passwd and
/{bin,etc}/login programs use the crypt(3) call which you can locate in
/lib/libc.a.  Crypt(3) is simply a software implementation of the DEA (or
DES, depending on who is certifying the algorithm, if anyone).

Most sites use "/bin/passwd" to generate the crypted password for installation
in the /etc/passwd file.  [I know this isn't what you were looking for, but I
found this information useful when I first learnt about it several years ago.]
In /bin/passwd, the "salt" is generated using the time and other factors in
a fashion like (NOTE: may be site-dependent, and the means don't affects the
security of the password at all, since the salt is usually available.]

	time(&salt);
	salt += getpid();		/* I've seen other variants used -ks */
	saltc[0] = salt & 077;
	saltc[1] = (salt >> 6) & 077;
	while(i < 2) {
		c = saltc[i] + '.';
		if(c > '9')
			c += 'A' - '9' - 1;
		if(c > 'Z')
			c += 'a' - 'Z' - 1;
		if(!(c & 037))
			c += '@';
		saltc[i++] = c;
	}

But, again, the actual password is generated using the crypt(3) call using
the output of the routine above for the salt.  And I think you'll have a
difficult time, should you be inclined, reversing the process by anything
short of brute force.  But it is not impossible.  Read the most recent BLTJ
supplement volume on UNIX for more security information.

Crypted passwords are a definite "plus," but when people are told "NO,"
they'll *always* find a way.  It reminds me of saying "NO!" to my little
nephew...

Have a safe holiday.

		kurt


P.S.  Does anyone know if the output of crypt(3) is unique?  I.e. could there
be more than one key/salt combination which outputs the same result?