List: secprog
Subject: Re: Precomputed Dictionary Attacks (was Re: Preventing
From: toad <matthew () TOSELAND ! F9 ! CO ! UK>
Date: 2001-04-11 14:34:59
On Tue, Apr 10, 2001 at 03:19:37PM +1000, Peter Jeremy wrote:
> On 2001-Apr-09 11:11:28 -0500, "L. Adrian Griffis" <dt26453@dstsystems.com> wrote:
> >As I recall, the password encryption scheme for Unix that I heard
> >about was based on an analysis of some version of a World War
> >cypher machine. This was soon replaced by the "encryption"
> >scheme we use now, which, if I remember right, modifies a well
> >known constant with the salt, and then iteratively DES encrypts
> >the constant 25 times using a key derived from the supplied
> >password.
>
> Actually, the salt modifies the encryption algorithm: The salt
> is XOR'd into the (left XOR right) part of each internal iteration
> within DES. The constant is always all zeros.
>
> The reason for doctoring DES is to ensure that hardware DES machines
> can't be used to crack Unix passwords.
>
> The freeware Unices (Linux & *BSD) have all expanded the password
> hashing scheme to allow alternative algorithms (e.g. MD5 and blowfish),
> increased salt sizes (24-bits with DES, 48 bits for MD5 and blowfish)
> and varying numbers of rounds.
128-bits for OpenBSD blowfish, with a variable number of rounds, as pointed out
previously.
>
> Peter
--
The road to Tycho is paved with good intentions
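
Added example, not part of the original message: a Python sketch that reads the scheme, salt size and round count out of crypt(3) hash fields for the formats discussed in this thread, then lists accounts whose salt is below a chosen threshold. The account names, hash bodies and the 48-bit threshold are constructed assumptions; the 12-bit traditional DES salt and the field layouts come from the crypt(3) formats themselves, not from this post.

```python
import re

# crypt(3) base-64 alphabet, used for salts and for the extended-DES round count
B64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
C = r"[./0-9A-Za-z]"

def classify(field):
    """Return (scheme, salt_bits, rounds) for one crypt(3) hash field, or None."""
    m = re.fullmatch(rf"\$2[abxy]?\$(\d\d)\${C}{{22}}{C}{{31}}", field)
    if m:  # bcrypt: 22 chars encode a 128-bit salt, cost is log2 of the rounds
        return ("bcrypt", 128, 2 ** int(m.group(1)))
    m = re.fullmatch(rf"\$1\$({C}{{0,8}})\${C}{{22}}", field)
    if m:  # MD5-crypt: up to 8 salt chars of 6 bits each, fixed 1000 rounds
        return ("md5-crypt", 6 * len(m.group(1)), 1000)
    m = re.fullmatch(rf"_({C}{{4}}){C}{{4}}{C}{{11}}", field)
    if m:  # extended DES: 24-bit round count, least significant char first
        rounds = sum(B64.index(c) << (6 * i) for i, c in enumerate(m.group(1)))
        return ("des-extended", 24, rounds)
    if re.fullmatch(rf"{C}{{13}}", field):  # 2 salt chars + 11 hash chars
        return ("des-traditional", 12, 25)
    return None  # locked account, empty field or unknown scheme

def audit(lines, min_salt_bits=48):
    """Return (user, scheme, salt_bits, rounds) for entries with a small salt."""
    findings = []
    for line in lines:
        user, field = line.split(":")[:2]
        info = classify(field)
        if info and info[1] < min_salt_bits:
            findings.append((user, *info))
    return findings

# Constructed passwd-style entries; hash bodies are filler, not real hashes
SAMPLE = [
    "alice:ab" + "A" * 11 + ":1001:100::/home/alice:/bin/sh",
    "bob:_J9..salt" + "B" * 11 + ":1002:100::/home/bob:/bin/sh",
    "carol:$1$saltsalt$" + "C" * 22 + ":1003:100::/home/carol:/bin/sh",
    "dave:$2a$06$" + "D" * 22 + "E" * 31 + ":1004:100::/home/dave:/bin/sh",
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```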