how are password encryped?
Christopher R Volpe
volpe at camelback.crd.ge.com
Thu Nov 8 11:21:08 AEST 1990
In article <1990Nov6.151444.3409 at druid.uucp>, darcy at druid.uucp (D'Arcy
J.M. Cain) writes:
|>
|>Would you trust a password encryption scheme that you could figure out?
|>See crypt(3C) and crypt(3X) for a short discussion on DES Encryption.
The original poster said he couldn't figure out *how* passwords
are encrypted, not how to decrypt them.
I wouldn't trust a password encryption scheme that *relied* upon
an attacker's inability to figure out *how* the encryption is done.
You should *always* assume the enemy knows your encryption algorithm.
Only the key is assumed secret.
|>
|>--
|>D'Arcy J.M. Cain (darcy at druid) |
|>D'Arcy Cain Consulting | I support gun control.
|>West Hill, Ontario, Canada | Let's start with the government!
|>+ 416 281 6094 |
==================
Chris Volpe
G.E. Corporate R&D
volpecr at crd.ge.com
More information about the Comp.unix.misc
mailing list