Re: Re[4]: encryption algs

[Kevin Conaway <kevin.conaway () gmail com>]

As far as I can tell, here is how crypt() works:

crypt(salt,plaintext) -> salt+HASH(plaintext)

It takes a two character salt and a plaintext.  For this example lets use:

salt = 'AA';
plaintext = 'kevinconaway';

The digest that crypt() returns consists of the salt appended with the
digest of the first 8 bytes of the plaintext..

So the digest will be 'AA' + HASH('kevincon')

where HASH is DES or MD5 depending on how the implentation of crypt()
(the GNU implementation allows you to use MD5 by passing in a special
salt).

Kevin



On Mon, 31 Jan 2005 23:48:01 +0300, BoI base <postbase () mail ru> wrote:
> KC> It shows that crypt() takes the lower 7 bits of the plaintext to
> KC> produce a 56bit key.
> Now, it's clear for me.
>
> KC> This produces the "13-letters state" as you put
> KC> it.  So as far as taking the output from a normal implementation of
> KC> DES and transforming it an output like that of crypt(), I'm not sure
> KC> its possible.
> I saw encoding table (such as base64) for crypt(). But I don't think,
> that it's correct table.
>
> I guess, that this scheme is scheme for crypt():
> input -> some actions 1 -> DES -> some actions 2 -> output
>
> a) input is password and salt.
> b) some actions 1: preparing encryption string and DES key
> c) DES: no comments
> d) some actions 2: salt + encrypted strng (64 bit) encoded by base64-like
> algorithm
> e) output is 104-bit hash
>
> I have a question about point b)
> What is this preparing? For example, maybe encryption string looks
> like salt+password and DES key "takes the lower 7 bits of the
> plaintext to produce a 56bit key", where plaintext=salt+password.
>
> Am I right?
>
> I got sources for DES http://www.cr0.net:8040
>
> Maybe you have implementations of b) and d) points?
>
> --
> Best regards, Xanders  mailto:postbase () mail ru