Uninvertible passwd encryption (was: Re: Kmem security)

Sean Eric Fagan sef at kithrup.COM
Fri Mar 22 06:31:46 AEST 1991


In article <1991Mar19.231715.28594 at comp.vuw.ac.nz> duncan at comp.vuw.ac.nz (Duncan McEwan) writes:
>Exactly why is the Unix password encryption algorithm
>uninvertible?  

You should take this to sci.crypt, as people there would love to bore you to
death with details about it.

But here is my (albeit limited) understanding of it:  the algorithm is
uninvertible (vertible?) because you cannot get to the previous value in any
step.  That is, the password starts out, and gets munged 8 (I think; could
be some other number) times, with the output of each time being used as the
input of the next iteration.  Now, the function used to "munge" it does not
have a one-to-one mapping.  That is, for each output, there are many
possible inputs (or the other way around, possibly).  Let's say that, for
each possible output, there are 8 possible inputs.  As a result, you have to
worry about 8**8 (16777216) possible intermediate steps if you reverse it, 
the final one of which is a password.

Anyway, if I'm wrong, I apologise.  I was half-asleep during the talk I went
to about this... 8-(

-- 
Sean Eric Fagan  | "I made the universe, but please don't blame me for it;
sef at kithrup.COM  |  I had a bellyache at the time."
-----------------+           -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.
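The reasoning in the post above, as an added illustration that is not part of the original message: a round function that is deliberately many-to-one is applied several times with each output fed back as the next input, so walking backwards from the final value multiplies the number of candidate earlier states at every step. Everything here is constructed for the demonstration (a 16-bit state, the `munge()` round function, the iteration count, the sample password); it is not the Unix crypt(3) of the period, which is DES-based and runs 25 iterations, and it only models the structure of the argument, not the real algorithm.

```python
"""
Toy model of an iterated, many-to-one "munge" step (constructed example).

The state is a 16-bit integer so that the whole domain can be enumerated
and the backward search made exact.  None of the constants are from any
real password hash.
"""

BITS = 16
MASK = (1 << BITS) - 1
ROUNDS = 4              # number of times munge() is applied (constructed)


def munge(x: int) -> int:
    """One round.  Squaring modulo 2**16 sends x, -x, x+2**15 and -x+2**15
    to the same value, so the step is at least 4-to-1 for almost every x.
    The add and rotate only spread the bits around; they are bijective and
    change nothing about the many-to-one property."""
    y = (x * x + 0x9E37) & MASK
    return ((y << 5) | (y >> (BITS - 5))) & MASK


def hash_password(pw: int, rounds: int = ROUNDS) -> int:
    """Forward direction: cheap, just `rounds` applications of munge()."""
    x = pw & MASK
    for _ in range(rounds):
        x = munge(x)
    return x


def preimage_table() -> dict:
    """Map every reachable output to the set of inputs that produce it.
    One pass over the whole 2**16 domain; feasible only because the toy
    state is tiny."""
    table: dict = {}
    for x in range(1 << BITS):
        table.setdefault(munge(x), set()).add(x)
    return table


def candidates_per_step(target: int, rounds: int = ROUNDS):
    """Walk backwards from `target`.  After each step `frontier` holds every
    value that could have been the state one round earlier.  Returns the
    frontier sizes per step and the final frontier, i.e. every password
    consistent with `target`."""
    table = preimage_table()
    frontier = {target}
    sizes = []
    for _ in range(rounds):
        previous = set()
        for y in frontier:
            # values with no preimage simply drop out of the search
            previous |= table.get(y, set())
        frontier = previous
        sizes.append(len(frontier))
    return sizes, frontier


if __name__ == "__main__":
    pw = 0x1234                      # constructed sample "password"
    target = hash_password(pw)
    sizes, cands = candidates_per_step(target)
    print(f"forward: {ROUNDS} rounds -> {target:#06x}")
    print(f"backward candidate set sizes per step: {sizes}")
    print(f"{len(cands)} distinct passwords hash to the same value; "
          f"original present: {pw in cands}")
```

Two things are worth reading off the output. First, the forward cost is fixed (`ROUNDS` evaluations of `munge()`), while the backward search has to carry a whole set of possibilities through every step. Second, because the step is many-to-one, the final set contains several inputs besides the original password, all of which hash to the same target; any of them would pass a comparison against the stored value, which is why a password hash only needs to be hard to invert, not impossible to collide.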
