Uninvertible passwd encryption (was: Re: Kmem security)

Duncan McEwan duncan at comp.vuw.ac.nz
Wed Mar 20 09:17:15 AEST 1991


This has drifted off the topic a little bit, so I've changed the Subject
(again!) and killed the References:

In article <1991Mar18.153201.23325 at lth.se>
	magnus at thep.lu.se (Magnus Olsson) writes:

>login does *not* have to decrypt the password from /etc/passwd - indeed,
>I don't think there's any way it could do that! (The encryption function
>is not invertible - several different passwords can have the same
>encrypted form).

This response to an earlier posting reminded me of something I have been
curious about.  Exactly why is the Unix password encryption algorithm
uninvertible?  It seems to me that the fact that several passwords can
have the same encrypted form is irrelevant -- the cracker simply has to
find any *one* password that results in a given encrypted string and they are
in.

Is it to do with the fact that Unix encrypts a constant string using the
password as a key -- so it *is* possible to work back to that constant string,
but you still know nothing about the password?

Apologies to any cryptologists out there, to whom this must be obvious!

Duncan.
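
The scheme discussed in this post, as an added example that is not part of the original message: a constant block is encrypted 25 times with a key taken from the first 8 characters of the password (7 bits each), as classic crypt(3) does. The Feistel cipher here is a toy stand-in for salted DES, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

ROUNDS = 16       # Feistel rounds per block operation (toy cipher, NOT real DES)
ITERATIONS = 25   # classic crypt(3) encrypts the constant block 25 times
CONSTANT = 0      # the 64-bit all-zero block that gets encrypted

def key_from_password(password: str) -> bytes:
    # As in classic crypt(3): first 8 characters only, low 7 bits of each.
    return bytes(b & 0x7F for b in password.encode()[:8]).ljust(8, b"\0")

def round_f(key: bytes, salt: str, rnd: int, half: int) -> int:
    # Keyed, salted round function; SHA-256 stands in for the DES S-boxes.
    data = key + salt.encode() + bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def block_op(key: bytes, salt: str, block: int, decrypt: bool = False) -> int:
    left, right = block >> 32, block & 0xFFFFFFFF
    order = range(ROUNDS - 1, -1, -1) if decrypt else range(ROUNDS)
    for rnd in order:
        left, right = right, left ^ round_f(key, salt, rnd, right)
    return (right << 32) | left   # final swap: decryption is the same loop reversed

def crypt_toy(password: str, salt: str) -> str:
    key, block = key_from_password(password), CONSTANT
    for _ in range(ITERATIONS):
        block = block_op(key, salt, block)
    return salt + format(block, "016x")

def verify(password: str, stored: str) -> bool:
    # What login does: re-encrypt with the candidate password and compare.
    return hmac.compare_digest(crypt_toy(password, stored[:2]), stored)

def invert(stored: str, password: str) -> int:
    # The cipher itself is invertible, but only given the key, and the
    # result is the public constant, which says nothing about the password.
    key, block = key_from_password(password), int(stored[2:], 16)
    for _ in range(ITERATIONS):
        block = block_op(key, stored[:2], block, decrypt=True)
    return block

if __name__ == "__main__":
    stored = crypt_toy("longpassword1", "ab")        # constructed sample values
    print(stored, verify("longpassword1", stored))
    print(verify("longpassword2", stored))           # same first 8 chars: accepted
    print(invert(stored, "longpassword1") == CONSTANT)
```

The stored string is a function of the key, so recovering a working password from it means finding a key that maps the known constant to the known ciphertext, which for a sound cipher is a key search rather than a decryption.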


