Query on speed of crypt(3)

Daniel Ray norstar@tnl.UUCP
Sun Jan 7 13:22:57 AEST 1990


In article <11885@smoke.BRL.MIL>, gwyn@smoke.BRL.MIL (Doug Gwyn) writes:
> In article <235@tnl.UUCP> norstar@tnl.UUCP (Daniel Ray) writes:
> >The key to password security (assuming we stay with a crypt(3)-type
> >hashing scheme with shorter length passwords) seems to be having a unique
> >scheme for each machine.
> 
> No, a much simpler and better solution is to keep the encrypted
> passwords unreadable (except of course to specific privileged
> programs that perform password validation etc.).

What I meant was that BOTH a unique crypt() function AND an unreadable
password file are good ideas. Hopefully the shadow (or other) unreadable
password file, containing the encrypted strings, will suffice. If, however,
a user manages to get a copy of the password file, then he/she may still
be stopped if the crypt() algorithm is unique to that machine.

Security may be best if it is not too standardized. Individual quirks and
modifications will inhibit generalized sweeps for defects or holes. A
cracker will have to struggle if the target machine is different from the
norm. Viruses and worms (such as the Morris internet worm) won't work if
the assumptions are wrong for that machine. A BUILT-IN mechanism for machine
individualization can go a long way towards increasing the time necessary
to break security. This theme is what nature herself uses to ensure survival.
While one organism may succumb to a new disease, another, because it is
different, will remain immune. Long live survival through variation!


norstar
The Northern Lights, Burlington Vermont             |      The first rule
tnl dialins: 802-865-3614 at 300-2400 bps.        ` | /    of security is
------------------------------------------      --- * ---  that there IS NO
uucp: uunet!uvm-gen!tnl!norstar or                / | .    security...
{decvax,linus}!dartvax!uvm-gen!tnl!norstar          |      
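
A worked illustration of the scenario the post describes, added here as an example and not code from the post or its author: an attacker who has obtained a copy of the password file runs a wordlist through the hash function and compares the results with the stored strings. Against the standard function the dictionary passwords fall; against a variant keyed with a per-machine secret the attacker does not hold, the same wordlist yields nothing until that secret is learned. crypt(3) itself is not reimplemented (Python's crypt module is deprecated and removed in recent versions); a salted, iterated SHA-256 stands in for it, and the accounts, passwords, wordlist and machine key are all constructed for the example.

```python
"""Offline dictionary attack on a leaked shadow-style password file,
with and without a per-machine variant of the hash function.

A salted, iterated SHA-256 is used as a stand-in for crypt(3); the attack
logic is independent of the exact hash. Everything below is constructed.
"""
import hashlib
import hmac

ROUNDS = 25  # crypt(3) iterated DES 25 times; the stand-in iterates likewise

# Hypothetical per-host secret (not from the post). Known only to the
# machine's own password-validation code in the scenario being modelled.
MACHINE_KEY = b"tnl-burlington-1990"

# Constructed wordlist an attacker might try.
WORDLIST = ["letmein", "password", "wombat", "xyzzy", "secret"]


def std_crypt(password: str, salt: str) -> str:
    """Standard hash: anyone who knows the algorithm can recompute it."""
    h = (salt + password).encode()
    for _ in range(ROUNDS):
        h = hashlib.sha256(h).digest()
    return salt + "$" + h.hex()


def machine_crypt(password: str, salt: str, machine_key: bytes = MACHINE_KEY) -> str:
    """Per-machine variant: the same scheme keyed with a host-specific secret."""
    h = (salt + password).encode()
    for _ in range(ROUNDS):
        h = hmac.new(machine_key, h, hashlib.sha256).digest()
    return salt + "$" + h.hex()


def make_passwd_file(crypt_fn) -> str:
    """Render a constructed shadow-style file ('user:hash' per line).

    Two accounts use wordlist passwords; 'root' does not, so it should
    survive the dictionary attack under either hash function.
    """
    accounts = [("norstar", "wombat", "ab"),
                ("guest", "letmein", "cd"),
                ("root", "Kp9#v2Lq", "ef")]
    return "".join(f"{u}:{crypt_fn(p, s)}\n" for u, p, s in accounts)


def parse_passwd(text: str) -> dict:
    """Parse 'user:hash' lines into {user: stored_hash}, skipping blanks/comments."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        user, stored = line.split(":", 1)
        entries[user] = stored
    return entries


def dictionary_attack(entries: dict, wordlist, crypt_fn) -> dict:
    """Recover passwords by hashing each word with the salt taken from the
    stored string and comparing, using the hash function the attacker assumes."""
    cracked = {}
    for user, stored in entries.items():
        salt = stored.split("$", 1)[0]  # salt is stored in the clear, as in crypt(3)
        for word in wordlist:
            if hmac.compare_digest(crypt_fn(word, salt), stored):
                cracked[user] = word
                break
    return cracked


def demo() -> dict:
    """Run the three cases and return what each attack recovered."""
    # 1. Standard crypt; attacker knows the algorithm.
    std_entries = parse_passwd(make_passwd_file(std_crypt))
    vs_standard = dictionary_attack(std_entries, WORDLIST, std_crypt)

    # 2. Machine-specific crypt; attacker assumes the standard algorithm.
    mk_entries = parse_passwd(make_passwd_file(machine_crypt))
    vs_machine_without_key = dictionary_attack(mk_entries, WORDLIST, std_crypt)

    # 3. Same file, but the attacker has also learned the machine key.
    vs_machine_with_key = dictionary_attack(mk_entries, WORDLIST, machine_crypt)

    return {"standard": vs_standard,
            "machine_without_key": vs_machine_without_key,
            "machine_with_key": vs_machine_with_key}


if __name__ == "__main__":
    for case, found in demo().items():
        print(f"{case:22s} cracked: {found}")
```

The third run is the limit of the idea: once the attacker holds both the file and the machine key, the same dictionary passwords fall as quickly as under the standard function, so the key has to be kept at least as unreadable as the shadow file itself, and the uncommon password on the root account survives in every run regardless of which function is used.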



More information about the Comp.unix.questions mailing list