Bugtraq mailing list archives
Re: passwd hashing algorithm
From: pcl () foo oucs ox ac uk (Paul C Leyland)
Date: Thu, 20 Apr 1995 12:29:46 +0100
"David A. Wagner" <dawagner () phoenix Princeton EDU> wrote:
1. 25 iterations of DES with the first 8 bytes of the password as key, followed by 25 iterations of DES with the second 8 bytes of password as key.

You've obviously got something else in mind. By all means, please tell me how you're going to do it in 2^32 DES steps (still 2^35 (32 GB) bytes of storage, a non-trivial sum.) Details and crypto-babble welcome :)

Ok, here's the explanation. I'd love to hear feedback about whether this is on charter for bugtraq; if it's not, email me and I'll avoid spamming y'all in the future.
Likewise, if the appended source code for my re-implementation of DEC's buggy crypt16() is unacceptable.
I'm interested in hearing more information about the OSF/1 or Ultrix hash function -- is there any place where I can get source or anything? I have access to one OSF/1 box, but it doesn't have any man pages or anything on a crypt16().
Below is the stuff I wrote for Michael Glad's UFC to implement crypt16(). If you need more context, you'll need to get hold of UFC from your favourite crypto archive.

Unfortunately, I've lost my re-discovery of the OSF/1 bigcrypt() algorithm. DEC are *very* reticent about letting details out and its documentation is virtually non-existent. However, examination of the contents of /tcb/files/auth/p/pcl as I changed my password, together with a few astute guesses, was all that was required. If I find the bigcrypt() code again, I'll post it.

Paul

8<---------------------------Snipped from UFC----------------------->8

/*
 * Ultrix crypt16 function, thanks to pcl () convex oxford ac uk (Paul Leyland)
 */

char *crypt16(key, salt)
  char *key, *salt;
  {
    ufc_long *s, *t;
    char ktab[9], ttab[9];
    static char q[14], res[25];

    /*
     * Hack DES tables according to salt
     */
    setup_salt(salt);

    /*
     * Setup key schedule
     */
    clearmem(ktab, sizeof ktab);
    (void)strncpy(ktab, key, 8);
    ufc_mk_keytab(ktab);

    /*
     * Go for first 20 DES encryptions
     */
    s = _ufc_doit((ufc_long)0, (ufc_long)0,
                  (ufc_long)0, (ufc_long)0, (ufc_long)20);

    /*
     * And convert back to 6 bit ASCII
     */
    strcpy (res, output_conversion(s[0], s[1], salt));

    clearmem(ttab, sizeof ttab);
    if (strlen (key) > 8)
      (void)strncpy(ttab, key+8, 8);
    ufc_mk_keytab(ttab);

    /*
     * Go for second 5 DES encryptions
     */
    t = _ufc_doit((ufc_long)0, (ufc_long)0,
                  (ufc_long)0, (ufc_long)0, (ufc_long)5);

    /*
     * And convert back to 6 bit ASCII
     */
    strcpy (q, output_conversion(t[0], t[1], salt));
    strcpy (res+13, q+2);

    clearmem(ktab, sizeof ktab);
    (void)strncpy(ktab, key, 8);
    ufc_mk_keytab(ktab);

    return res;
  }